Cannot load certificates (NPM)

My domain is: Nightingale.uni-mainz.de
crt.sh | nightingale.uni-mainz.de

I ran this command:
#1 (I tried to generate a new SSL cert through the Nginx Proxy Manager.)
We didn't delete anything from the directories themselves, i.e /
and:
#2 docker exec nginx-proxy-manager-stable nginx -s reload

#1 produced this output:
CommandError: nginx: [emerg] cannot load certificate "/etc/letsencrypt/live/npm-35/fullchain.pem": BIO_new_file() failed (SSL: error:80000002:system library::No such file or directory:calling fopen(/etc/letsencrypt/live/npm-35/fullchain.pem, r) error:10000080:BIO routines::no such file) nginx: configuration file /etc/nginx/nginx.conf test failed at /app/lib/utils.js:16:13 at ChildProcess.exithandler (node:child_process:430:5) at ChildProcess.emit (node:events:519:28) at maybeClose (node:internal/child_process:1105:16) at ChildProcess._handle.onexit (node:internal/child_process:305:5)

#2 nginx: [emerg] cannot load certificate "/etc/letsencrypt/live/npm-35/fullchain.pem": BIO_new_file() failed (SSL: error:80000002:system library::No such file or directory:calling fopen(/etc/letsencrypt/live/npm-35/fullchain.pem, r) error:10000080:BIO routines::no such file)

and the error.log showed the following:
2025/01/23 10:06:40 [emerg] 3916658#3916658: bind() to [::]:80 failed (98: Address already in use)
2025/01/23 10:06:40 [emerg] 3916658#3916658: still could not bind()

Docker images run this shit-show.

My web server is (include version):
Apache/2.4.62 (Debian)
I believe it's also shown something like React 1.26 or something similar when failing to enter a website one time but I don't quite remember.

The operating system my web server runs on is (include version):
Debian 12

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): Nginx Proxy Manager

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): We don't use certbot in this server environment. We use npm.

Did you check your volumes/mounts?

I've only found certificates in /srv.
Technically it does say that it found them in /etc, but they aren't actually there but in /srv. Some sort of symbolic connection I suppose.
I haven't been able to identify any other place.

When I say that I've technically found them, I'm talking about existing certificates. Not the ones that are currently missing.

NPM uses Certbot. It sets various custom options to fit it into the NPM framework. NPM also hides the key parts of Certbot error messages but that's not the problem here.

This looks like a fundamental NPM configuration problem best asked to NPM support.

NPM has configured nginx to use a cert file that does not exist. And, some kind of port 80 collision. Agree you have a "show" but shoveling out from that is an NPM issue

The port 80 collision could probably be resolved by shutting everything down, but there's the question as to how one would get it back up again when Nginx is virtually inaccessible.
I'll make a post on npm's GitHub community forum. That seems to be the best they've got in terms of support for projects as in this case.

Ouch.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.