Can't get cert in npm

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:
http://srimuang.ddns.net
I ran this command:

Test Server Reachability

It produced this output:
Error: Command failed: certbot certonly --config "/etc/letsencrypt.ini" --cert-name "npm-7" --agree-tos --authenticator webroot --email "chat_4432@hotmail.com" --preferred-challenges "dns,http" --domains "srimuang.ddns.net"
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

at ChildProcess.exithandler (node:child_process:399:12)
at ChildProcess.emit (node:events:526:28)
at maybeClose (node:internal/child_process:1092:16)
at Socket. (node:internal/child_process:451:11)
at Socket.emit (node:events:526:28)
at Pipe. (node:net:687:12)

My web server is (include version):
nginx proxy manager v2.9.18
The operating system my web server runs on is (include version):
debian 11 bulleye
My hosting provider, if applicable, is:
no-ip
I can login to a root shell on my machine (yes or no, or I don't know):
yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

That needs a webroot path for that domain.
See:
https://eff-certbot.readthedocs.io/en/stable/using.html#webroot

4 Likes

i need to use this command in nginx proxy manager or cli ?

I don't use NPM, so I can't say for sure.
But it looks like your CLI command is missing part of the required arguments.

4 Likes

Can you upload this log file? You have not shown enough to see the cause of the failure.

Did you know your site cannot be reached with HTTP or HTTPS? If you are relying on the HTTP challenge for getting a cert this is a problem.

curl -i -m 10 http://srimuang.ddns.net
curl: (28) Connection timed out after 10000 milliseconds
4 Likes

sorry i can't
-bash: cd: letsencrypt: No such file or directory
[ Directory '/var/log/letsencrypt' does not exist ]

Try finding that file, with:
find / -name letsencrypt.log

5 Likes

$ sudo find / -name letsencrypt.log

/var/lib/docker/overlay2/e0f67f639a5d50d919438922c765b31a128490db7ef4631857a673520399bd99/merged/var/log/letsencrypt/letsencrypt.log
/var/lib/docker/overlay2/e0f67f639a5d50d919438922c765b31a128490db7ef4631857a673520399bd99/diff/var/log/letsencrypt/letsencrypt.log

$ cd /docker
-bash: cd: /docker: No such file or directory

hmm... Docker.
Are you in the right container?

3 Likes

i just using portainer how should i get ssl ?

i explore my volume
/volume1/docker/nginx/data/logs $ ls
fallback_access.log letsencrypt-requests_access.log proxy-host-1_access.log proxy-host-2_access.log
fallback_error.log letsencrypt-requests_error.log proxy-host-1_error.log proxy-host-2_error.log

which file ??

I don't know where NPM would put the debug log stated in this message. You might ask on an NPM forum.

The command says to use the webroot authenticator which uses HTTP challenge. But, I still cannot connect to your site using an http request. See also Let's Debug test site. A DNS challenge might succeed if you setup the TXT records correctly.

4 Likes

i try docker cp /var/log/letsencrypt/letsencrypt.log inside docker container but
when i try to upload it show
Sorry, the file you are trying to upload is not authorized (authorized extensions: jpg, jpeg, png, gif, go, js, txt, pcap, pcapng, pem).
in 0 kb size
what should I do ??
can you explain those challenges & TXT records?

Can you make a copy of the log file as a .txt file and upload that?

See this Let's Encrypt topic about challenge types

The certbot docs for that are here
https://eff-certbot.readthedocs.io/en/stable/using.html#dns-plugins

4 Likes

i can't upload even txt
can you help me,what I am wrong/missing up
I use this guide to setup

You could also use sites e.g. https://pastebin.com/ for the log.

3 Likes

I cannot read that guide because it requires an account at HDS.

We would be happy to look at a certbot log and give advice. Osiris suggested yet another way to do that.

But, I think your problem is larger and involves docker, NPM, and maybe other pieces on your system. You may be better off asking at an NPM forum as it is often difficult to use. Or, even a docker forum. People at either of those may be able to help configure your overall system.

I say this because you don't have anything working from the public internet yet. As I noted back in post #5 I can't reach your site using HTTP (port 80). And, I don't see you have port 443 open for HTTPS either. These are basic things that need to be working first.

5 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.