I'm using the web GUI of Nginx Proxy Manager that ran as an LXC container in Proxmox VE. When I try to add an SSL certificate, it said "internal errors" and returned this log.
2024-03-21 04:51:49,329:DEBUG:certbot._internal.main:certbot version: 2.1.0
2024-03-21 04:51:49,329:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot
2024-03-21 04:51:49,329:DEBUG:certbot._internal.main:Arguments: ['--config', '/etc/letsencrypt.ini', '--work-dir', '/tm>2024-03-21 04:51:49,329:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#dns-cloudflar>2024-03-21 04:51:49,337:DEBUG:certbot._internal.log:Root logging level set at 30
2024-03-21 04:51:49,338:DEBUG:certbot._internal.plugins.selection:Requested authenticator webroot and installer None
2024-03-21 04:51:49,338:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * webroot
Description: Place files in webroot directory
Interfaces: Authenticator, Plugin
Entry point: webroot = certbot._internal.plugins.webroot:Authenticator
Initialized: <certbot._internal.plugins.webroot.Authenticator object at 0x7fa139783d50>
Prep: True
2024-03-21 04:51:49,338:DEBUG:certbot._internal.plugins.selection:Selected authenticator <certbot._internal.plugins.web>2024-03-21 04:51:49,338:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator webroot, Installer None2024-03-21 04:51:49,685:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2024-03-21 04:51:50,625:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Wed, 20 Mar 2024 21:51:50 GMT
Content-Type: application/json
Content-Length: 752
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
I have tested to see if the domain can be reached by clicking on the "Test Server Reachability" button in the web GUI. It works as far I am concerned.
Before requesting new SSL certificate for diaxpel-proxmox.duckdns.org, I successfully added one for diaxpel-jelly.duckdns.org. However, since then, I haven't been able to renew the certificate for this domain.
**Bonus: I'm also running a Pi-hole as a local DNS server (also an LXC), DHCP is handled by the ISP modem/router combo. I've set all of the containers to use host's settings for network, which is using the Pi-hole's DNS server.
My domain is: diaxpel-proxmox.duckdns.org
Nginx version: openresty/1.25.3.1
I can login to a root shell on my machine (yes or no, or I don't know): yes
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot): 2.1.0