Can't add Porkbun SSL certificate to Nginx

Hi everyone!
I am trying to add my SSL certificate to an Nginx proxy via Let's Encrypt and DNS challenge. After filling out all the fields and trying to add a certificate, the action results in a timeout. The certificate is shown as inactive and gets automatically deleted soon after the error message.

DDNS is left disabled on the Porkbun domain control panel.

If this matters, the Nginx instance is running in a Docker container on a TrueNAS host.

I would appreciate any help!

Below is the log from the container:
My domain is: vladdy.dev
Certbot Version: 3.2.0
I ran this command:

certbot certonly --config '/etc/letsencrypt.ini' --work-dir "/tmp/letsencrypt-lib" --logs-dir "/tmp/letsencrypt-log" --cert-name 'npm-2' --agree-tos --email 'nginx.casually537@passmail.net' --domains '*.vladdy.dev' --authenticator 'dns-porkbun' --dns-porkbun-credentials '/etc/letsencrypt/credentials/credentials-2'

It produced this output:

2025-04-13 18:20:17.735853+00:00[4/13/2025] [8:20:17 PM] [Global ] › ⬤ debug CMD: certbot certonly --config '/etc/letsencrypt.ini' --work-dir "/tmp/letsencrypt-lib" --logs-dir "/tmp/letsencrypt-log" --cert-name 'npm-2' --agree-tos --email 'nginx.casually537@passmail.net' --domains '*.vladdy.dev' --authenticator 'dns-porkbun' --dns-porkbun-credentials '/etc/letsencrypt/credentials/credentials-2'
2025-04-13 18:30:29.307403+00:00[4/13/2025] [8:30:29 PM] [Global ] › ⬤ debug CMD: /usr/sbin/nginx -t -g "error_log off;"
2025-04-13 18:30:29.317509+00:00[4/13/2025] [8:30:29 PM] [Nginx ] › :information_source: info Reloading Nginx
2025-04-13 18:30:29.317561+00:00[4/13/2025] [8:30:29 PM] [Global ] › ⬤ debug CMD: /usr/sbin/nginx -s reload
2025-04-13 18:30:29.335049+00:00[4/13/2025] [8:30:29 PM] [Express ] › :warning: warning Saving debug log to /tmp/letsencrypt-log/letsencrypt.log
2025-04-13 18:30:29.335100+00:00No challenge TXT record found for domain vladdy.dev with value 9kf6FhJG2z8dn3jic7M8CUPWJXHt2tskxvcH2cD-D3c
2025-04-13 18:30:29.335115+00:00Some challenges have failed.
2025-04-13 18:30:29.335139+00:00Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /tmp/letsencrypt-log/letsencrypt.log or re-run Certbot with -v for more details.
2025-04-13 18:30:29.335152+00:002025-04-13T18:30:29.335152481Z

Certbot Version: 3.2.0
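
As an added example (not part of the original post, and not code from Certbot or the Porkbun plugin): how a DNS-01 TXT value like the one in the failure line above is derived under RFC 8555, and which record name a wildcard request is validated against. Function names are illustrative, and the token and account key passed to `txt_value` are inputs you would supply; the log line is copied from the output above.

```python
import base64
import hashlib
import json
import re

# Constructed sample: the failure line from the container log above,
# without its timestamp prefix.
LOG_LINE = ("No challenge TXT record found for domain vladdy.dev "
            "with value 9kf6FhJG2z8dn3jic7M8CUPWJXHt2tskxvcH2cD-D3c")

def b64url(data: bytes) -> str:
    """Unpadded base64url, the encoding ACME uses (RFC 8555 section 6.1)."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def record_name(identifier: str) -> str:
    """DNS-01 validation name; a wildcard is validated at the base domain."""
    base = identifier[2:] if identifier.startswith("*.") else identifier
    return "_acme-challenge." + base.rstrip(".")

def jwk_thumbprint(jwk: dict) -> str:
    """RFC 7638: SHA-256 over the required members only, sorted, no whitespace."""
    required = {"RSA": ("e", "kty", "n"), "EC": ("crv", "kty", "x", "y")}[jwk["kty"]]
    canonical = json.dumps({k: jwk[k] for k in required},
                           separators=(",", ":"), sort_keys=True)
    return b64url(hashlib.sha256(canonical.encode("utf-8")).digest())

def txt_value(token: str, jwk: dict) -> str:
    """TXT content = base64url(SHA-256(token || '.' || account key thumbprint))."""
    key_authorization = f"{token}.{jwk_thumbprint(jwk)}"
    return b64url(hashlib.sha256(key_authorization.encode("ascii")).digest())

def is_dns01_digest(value: str) -> bool:
    """True if value is canonical unpadded base64url of a 32-byte digest."""
    if not re.fullmatch(r"[A-Za-z0-9_-]{43}", value):
        return False
    return b64url(base64.urlsafe_b64decode(value + "=")) == value

def parse_failure(line: str):
    """Extract (domain, expected TXT value) from the failure line."""
    m = re.search(r"for domain (\S+) with value (\S+)", line)
    return (m.group(1), m.group(2)) if m else None

if __name__ == "__main__":
    domain, value = parse_failure(LOG_LINE)
    print(record_name("*." + domain), "TXT", value, is_dns01_digest(value))
```

The record to look for at the authoritative nameservers is therefore `_acme-challenge.vladdy.dev`, with a TXT value of exactly this 43-character form.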

Hi @vladdy, welcome! :slight_smile:

Here is a list of issued certificates crt.sh | vladdy.dev, how did you get those issued?
And why not just use one of them?

Edit

Actually looks like the certificate presently being served https://decoder.link/sslchecker/vladdy.dev/443 is this certificate crt.sh | 17822990774.

Hi @Bruce5051! Thanks for the quick reply!

These certificates were automatically generated by Porkbun when I bought the domain. As far as I understand, to use them for wildcard names and automatic certificate renewal in Nginx, I need to add via SSL Certificates > Add SSL Certificate > Let's Encrypt and then as follows:

After saving it, I get the timeout and error above.

And you actually replaced the your-porkbun-api-key and your-porkbun-api-secret with your actual API key and API secret, right?

Also, it seems like your domain is still in some kind of "Parked" status at Porkbun. So not sure what you're trying to run on your NPM, but it's probably not going to work while your domain is still "parked".

Right, I used the key and the secret generated on Porkbun and activated API access for the domain.

Not sure what you mean by the "parked" status. I am trying to use the certificates generated to encrypt my traffic between the proxy and my local services.

Your website currently looks like this:

I haven't hosted anything yet. Is it necessary to do it to use the created certificates?

I don't know exactly, just thinking out loud here.

Without the actual error message which Nginx Proxy Manager doesn't show by default, it's hard to say what's actually causing the problem.

NPM is notoriously difficult to debug because they've developed it in such an absurdly complex way that you need to manually fetch the mentioned Certbot log file to know what's actually going on with the certificate process.

Personally I detest everything written in JavaScript that's not used in HTML and especially NPM due to their lack of any intelligence with regard to the Certbot error processing.

I also don't know anything about Porkbun.

So there's that :man_shrugging: :slight_smile:

That was the first thing I tried to do. The folder /tmp/letsencrypt-log/ doesn't exist :smile:

Honestly, I tried NPM because it was supposed to be easy but now I'm thinking Traefik would have been way easier.
