Can't issue SSL certificate on Nginx Proxy Manager

Quan_Tran · March 21, 2024, 8:24am

I'm using the web GUI of Nginx Proxy Manager that ran as an LXC container in Proxmox VE. When I try to add an SSL certificate, it said "internal errors" and returned this log.

2024-03-21 04:51:49,329:DEBUG:certbot._internal.main:certbot version: 2.1.0
2024-03-21 04:51:49,329:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot
2024-03-21 04:51:49,329:DEBUG:certbot._internal.main:Arguments: ['--config', '/etc/letsencrypt.ini', '--work-dir', '/tm>2024-03-21 04:51:49,329:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#dns-cloudflar>2024-03-21 04:51:49,337:DEBUG:certbot._internal.log:Root logging level set at 30
2024-03-21 04:51:49,338:DEBUG:certbot._internal.plugins.selection:Requested authenticator webroot and installer None
2024-03-21 04:51:49,338:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * webroot
Description: Place files in webroot directory
Interfaces: Authenticator, Plugin
Entry point: webroot = certbot._internal.plugins.webroot:Authenticator
Initialized: <certbot._internal.plugins.webroot.Authenticator object at 0x7fa139783d50>
Prep: True
2024-03-21 04:51:49,338:DEBUG:certbot._internal.plugins.selection:Selected authenticator <certbot._internal.plugins.web>2024-03-21 04:51:49,338:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator webroot, Installer None2024-03-21 04:51:49,685:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2024-03-21 04:51:50,625:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Wed, 20 Mar 2024 21:51:50 GMT
Content-Type: application/json
Content-Length: 752
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

I have tested to see if the domain can be reached by clicking on the "Test Server Reachability" button in the web GUI. It works as far I am concerned.

Before requesting new SSL certificate for diaxpel-proxmox.duckdns.org, I successfully added one for diaxpel-jelly.duckdns.org. However, since then, I haven't been able to renew the certificate for this domain.

**Bonus: I'm also running a Pi-hole as a local DNS server (also an LXC), DHCP is handled by the ISP modem/router combo. I've set all of the containers to use host's settings for network, which is using the Pi-hole's DNS server.

My domain is: diaxpel-proxmox.duckdns.org

Nginx version: openresty/1.25.3.1

I can login to a root shell on my machine (yes or no, or I don't know): yes

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 2.1.0

webprofusion · March 21, 2024, 8:52am

Hmm, I'm not seeing any errors in that log, unless it's been truncated or just hasn't flushed all the log to disk yet. You may need to ask this question on the nginx proxy manager community.

system · April 20, 2024, 8:52am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.