Cert request fails while using Nginx Proxy Manager

My domain is: nas.christopherjohnson.dev

I ran this command: Not sure

It produced this output: Not sure

My web server is (include version): I'm using a Synology NAS with Docker

The operating system my web server runs on is (include version): not sure, probably Linux since it's being used by Nginx Proxy Manager

My hosting provider, if applicable, is: Technically GoDaddy, but I have the nameservers pointed to CloudFlare

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): Kinda

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): Not Sure

I setup port forwarding to direct 4443 and 8080 to the Docker ports Nginx uses.

This is my logfile:

2022-12-07 12:59:09,959:DEBUG:certbot._internal.main:certbot version: 1.27.0
2022-12-07 12:59:09,960:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot
2022-12-07 12:59:09,960:DEBUG:certbot._internal.main:Arguments: ['--config', '/etc/letsencrypt.ini', '--cert-name', 'npm-8', '--agree-tos', '--authenticator', 'webroot', '--email', 'chris@thatamazingprogrammer.com', '--preferred-challenges', 'dns,http', '--domains', 'nas.christopherjohnson.dev']
2022-12-07 12:59:09,960:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2022-12-07 12:59:09,997:DEBUG:certbot._internal.log:Root logging level set at 30
2022-12-07 12:59:09,999:DEBUG:certbot._internal.plugins.selection:Requested authenticator webroot and installer None
2022-12-07 12:59:10,007:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * webroot
Description: Place files in webroot directory
Interfaces: Authenticator, Plugin
Entry point: webroot = certbot._internal.plugins.webroot:Authenticator
Initialized: <certbot._internal.plugins.webroot.Authenticator object at 0x7fd0ea297b50>
Prep: True
2022-12-07 12:59:10,007:DEBUG:certbot._internal.plugins.selection:Selected authenticator <certbot._internal.plugins.webroot.Authenticator object at 0x7fd0ea297b50> and installer None
2022-12-07 12:59:10,008:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator webroot, Installer None
2022-12-07 12:59:10,145:DEBUG:certbot._internal.main:Picked account: <Account(RegistrationResource(body=Registration(key=None, contact=(), agreement=None, status=None, terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/859156827', new_authzr_uri=None, terms_of_service=None), 598034f72c3a660a76af19c8e4267f2b, Meta(creation_dt=datetime.datetime(2022, 12, 6, 20, 33, 12, tzinfo=<UTC>), creation_host='jlesage-nginx-proxy-manager1', register_to_eff=None))>
2022-12-07 12:59:10,146:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2022-12-07 12:59:10,149:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
2022-12-07 12:59:10,460:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 659
2022-12-07 12:59:10,461:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Wed, 07 Dec 2022 12:59:10 GMT
Content-Type: application/json
Content-Length: 659
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "_MK7TXx8XsA": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
  "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
  "meta": {
    "caaIdentities": [
      "letsencrypt.org"
    ],
    "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf",
    "website": "https://letsencrypt.org"
  },
  "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
  "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
  "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
  "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}
2022-12-07 12:59:10,461:DEBUG:certbot._internal.display.obj:Notifying user: Requesting a certificate for nas.christopherjohnson.dev
2022-12-07 12:59:10,467:DEBUG:certbot.crypto_util:Generating ECDSA key (2048 bits): /etc/letsencrypt/keys/0000_key-certbot.pem
2022-12-07 12:59:10,474:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0000_csr-certbot.pem
2022-12-07 12:59:10,478:DEBUG:acme.client:Requesting fresh nonce
2022-12-07 12:59:10,478:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
2022-12-07 12:59:10,563:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
2022-12-07 12:59:10,564:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Wed, 07 Dec 2022 12:59:10 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 2712ClINvfnyficgU-R0wwjBKixrWQYOhGMyYknvM26ziRc
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800


2022-12-07 12:59:10,564:DEBUG:acme.client:Storing nonce: 2712ClINvfnyficgU-R0wwjBKixrWQYOhGMyYknvM26ziRc
2022-12-07 12:59:10,565:DEBUG:acme.client:JWS payload:
b'{\n  "identifiers": [\n    {\n      "type": "dns",\n      "value": "nas.christopherjohnson.dev"\n    }\n  ]\n}'
2022-12-07 12:59:10,570:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODU5MTU2ODI3IiwgIm5vbmNlIjogIjI3MTJDbElOdmZueWZpY2dVLVIwd3dqQktpeHJXUVlPaEdNeVlrbnZNMjZ6aVJjIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ",
  "signature": "ev0OuX6836eC8vs627owKEovT-GMQ3W_7pyoJnGW5o70Xz5L8vVtL8coHIw-CatOMh1rXc1Ge3h6W5O9UVEoKFdO5GhBP6bqCZx-ioJeW_TdxtO-y_6yPfynf_b5av2sTXW4odKi0EEvN7kS4coDF6q2fBFoiY0ffXyDrXvO06diH9b4-GAEN1tfKsPOxAUhmTTgAPqvE1MZvvKpMmnNJGiJgVCkhqJ6_k-8H2bj0cxWunEkP3YgBKsbM5GRWLzxkcE9LC3poZgNUFJN9ztUPuwuQZciiBPntO7jQo4iQep66Rx7zfNX6AHS5BWrHVlO_-DPOTFLjLXEyCyq_TMS5Q",
  "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIm5hcy5jaHJpc3RvcGhlcmpvaG5zb24uZGV2IgogICAgfQogIF0KfQ"
}
2022-12-07 12:59:10,731:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 351
2022-12-07 12:59:10,732:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Date: Wed, 07 Dec 2022 12:59:10 GMT
Content-Type: application/json
Content-Length: 351
Connection: keep-alive
Boulder-Requester: 859156827
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Location: https://acme-v02.api.letsencrypt.org/acme/order/859156827/151220378317
Replay-Nonce: C400hLu-f662pc8yYz_yGdAL1ekImJro_essHooKLhfAq1M
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "status": "pending",
  "expires": "2022-12-14T12:59:10Z",
  "identifiers": [
    {
      "type": "dns",
      "value": "nas.christopherjohnson.dev"
    }
  ],
  "authorizations": [
    "https://acme-v02.api.letsencrypt.org/acme/authz-v3/185007966707"
  ],
  "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/859156827/151220378317"
}
2022-12-07 12:59:10,732:DEBUG:acme.client:Storing nonce: C400hLu-f662pc8yYz_yGdAL1ekImJro_essHooKLhfAq1M
2022-12-07 12:59:10,733:DEBUG:acme.client:JWS payload:
b''
2022-12-07 12:59:10,736:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/185007966707:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODU5MTU2ODI3IiwgIm5vbmNlIjogIkM0MDBoTHUtZjY2MnBjOHlZel95R2RBTDFla0ltSnJvX2Vzc0hvb0tMaGZBcTFNIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8xODUwMDc5NjY3MDcifQ",
  "signature": "nI-wwpS3sAqg17JvL45O-m4of1nMU_BL2K9vIxlXG2-YSYKyaDZ56vSPh6x4W3uFtGkDx1bmwwACse4BlpGVC_did_O-hHUCGvFVfWPgzv91fh-IJvljP-b_z3Xlq75wnjJAeW1Rd_9WHEdgGZeLTZgPY_kIZUaHujcDWrpsfC2hVVAwx_PVYbx5qUe38Cg1mOscgV3_vhy-h1gVIAPPKm3-5TQSxhE0ckG0J94TSHla-XrFco8X8ibcUNnwbJ2CTz3ZpncF_O5iqhWsPLbP5JILS2dwjWepDVVbJiG54k2YpKdHLl7NuBaeWpmHqRykgMOPyxOUbWO-ICqu2LvXvQ",
  "payload": ""
}
2022-12-07 12:59:10,823:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/185007966707 HTTP/1.1" 200 810
2022-12-07 12:59:10,824:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Wed, 07 Dec 2022 12:59:10 GMT
Content-Type: application/json
Content-Length: 810
Connection: keep-alive
Boulder-Requester: 859156827
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 2712deML3i7KOo20RL8XKdZIaREiRD3TaaZA7_NqeXxiS44
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "nas.christopherjohnson.dev"
  },
  "status": "pending",
  "expires": "2022-12-14T12:59:10Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/185007966707/9Aex6w",
      "token": "NcEZy0HXy0SahSsgXzs4hgI4AsdFNfpWTH7JvZEy_k0"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/185007966707/7coHXg",
      "token": "NcEZy0HXy0SahSsgXzs4hgI4AsdFNfpWTH7JvZEy_k0"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/185007966707/MIDVhw",
      "token": "NcEZy0HXy0SahSsgXzs4hgI4AsdFNfpWTH7JvZEy_k0"
    }
  ]
}
2022-12-07 12:59:10,824:DEBUG:acme.client:Storing nonce: 2712deML3i7KOo20RL8XKdZIaREiRD3TaaZA7_NqeXxiS44
2022-12-07 12:59:10,825:INFO:certbot._internal.auth_handler:Performing the following challenges:
2022-12-07 12:59:10,825:INFO:certbot._internal.auth_handler:http-01 challenge for nas.christopherjohnson.dev
2022-12-07 12:59:10,826:INFO:certbot._internal.plugins.webroot:Using the webroot path /data/letsencrypt-acme-challenge for all unmatched domains.
2022-12-07 12:59:10,826:DEBUG:certbot._internal.plugins.webroot:Creating root challenges validation dir at /data/letsencrypt-acme-challenge/.well-known/acme-challenge
2022-12-07 12:59:10,828:DEBUG:certbot._internal.plugins.webroot:Attempting to save validation to /data/letsencrypt-acme-challenge/.well-known/acme-challenge/NcEZy0HXy0SahSsgXzs4hgI4AsdFNfpWTH7JvZEy_k0
2022-12-07 12:59:10,829:DEBUG:acme.client:JWS payload:
b'{}'
2022-12-07 12:59:10,832:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/185007966707/9Aex6w:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODU5MTU2ODI3IiwgIm5vbmNlIjogIjI3MTJkZU1MM2k3S09vMjBSTDhYS2RaSWFSRWlSRDNUYWFaQTdfTnFlWHhpUzQ0IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My8xODUwMDc5NjY3MDcvOUFleDZ3In0",
  "signature": "BNxhprrawmhfqCUkcxBkG4c1Sb7eSra7gs7krx1dUXpaJKHrOPyag_YUYmfNmuKyD9bZUviimqUN4xHOyfA0seghmKdTfu08-OGmvnwmiFLbn0qWG_4RA9AqjrSPij_5M1Kjjx2M2mcUbJgO2FJQpx_QYWKxBK_rD-l_OuBIQRfHWLFQPPm2SgUw3xpbq7YBP512nLXK__kKYZYaIwI-SmnvCZcsNb4LBVDt0VVGME0D-9Ch1A0A3Enjblo0wDhhiYLCzjp8f99aT-wW_ep5hxZMI6MUJ1jxdgs63h_Erpb7Wy6aPt7vTedh5vQTbr11-sbrPhu-cYv9gRyh7JtE-A",
  "payload": "e30"
}
2022-12-07 12:59:10,942:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/185007966707/9Aex6w HTTP/1.1" 200 187
2022-12-07 12:59:10,943:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Wed, 07 Dec 2022 12:59:10 GMT
Content-Type: application/json
Content-Length: 187
Connection: keep-alive
Boulder-Requester: 859156827
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index", <https://acme-v02.api.letsencrypt.org/acme/authz-v3/185007966707>;rel="up"
Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/185007966707/9Aex6w
Replay-Nonce: F977yLntSDx3Z5q0aW5SQ2pFxWm2TE2IF3OhKrHTpp1xmfU
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "type": "http-01",
  "status": "pending",
  "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/185007966707/9Aex6w",
  "token": "NcEZy0HXy0SahSsgXzs4hgI4AsdFNfpWTH7JvZEy_k0"
}
2022-12-07 12:59:10,944:DEBUG:acme.client:Storing nonce: F977yLntSDx3Z5q0aW5SQ2pFxWm2TE2IF3OhKrHTpp1xmfU
2022-12-07 12:59:10,944:INFO:certbot._internal.auth_handler:Waiting for verification...
2022-12-07 12:59:11,945:DEBUG:acme.client:JWS payload:
b''
2022-12-07 12:59:11,949:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/185007966707:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODU5MTU2ODI3IiwgIm5vbmNlIjogIkY5Nzd5TG50U0R4M1o1cTBhVzVTUTJwRnhXbTJURTJJRjNPaEtySFRwcDF4bWZVIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8xODUwMDc5NjY3MDcifQ",
  "signature": "GlLG1Neyb5PPrSCuCCLFFAytbHELy9uBxw3i_Xys1ed8_sLUqVqWe-BIaxXTIfg9j1ct3JCPgdF4R2QJfb1FNj_9jI4pONxCUlHo0O_En5Q_9NySWIeMABdyhgu7-q2LoBqpChTR5XNsDA9pV3NS6oF-xfhMxrXvRMVHZvk3iAm5V1mT1zVALVV7kR7xS_HfTNjXzGHedBxZxux22cQL_7jekh9SByrIbjsT9pu5DA6I69J5xsZN1W0Ag_PD7NVKOX_JXMk7FPEJ3rjZ6qkvZXkhWtHN_VCWn2x7kpUUv9ajfz6xLfwaKLgHancdEwORbuPtg0I9zGIJAj86cllAVQ",
  "payload": ""
}
2022-12-07 12:59:12,037:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/185007966707 HTTP/1.1" 200 810
2022-12-07 12:59:12,038:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Wed, 07 Dec 2022 12:59:11 GMT
Content-Type: application/json
Content-Length: 810
Connection: keep-alive
Boulder-Requester: 859156827
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 27123PsFCpx75sy9t8zRe8_AhVLGgc3G894m8-_C5rF8l1w
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "nas.christopherjohnson.dev"
  },
  "status": "pending",
  "expires": "2022-12-14T12:59:10Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/185007966707/9Aex6w",
      "token": "NcEZy0HXy0SahSsgXzs4hgI4AsdFNfpWTH7JvZEy_k0"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/185007966707/7coHXg",
      "token": "NcEZy0HXy0SahSsgXzs4hgI4AsdFNfpWTH7JvZEy_k0"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/185007966707/MIDVhw",
      "token": "NcEZy0HXy0SahSsgXzs4hgI4AsdFNfpWTH7JvZEy_k0"
    }
  ]
}
2022-12-07 12:59:12,038:DEBUG:acme.client:Storing nonce: 27123PsFCpx75sy9t8zRe8_AhVLGgc3G894m8-_C5rF8l1w
2022-12-07 12:59:15,042:DEBUG:acme.client:JWS payload:
b''
2022-12-07 12:59:15,045:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/185007966707:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODU5MTU2ODI3IiwgIm5vbmNlIjogIjI3MTIzUHNGQ3B4NzVzeTl0OHpSZThfQWhWTEdnYzNHODk0bTgtX0M1ckY4bDF3IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8xODUwMDc5NjY3MDcifQ",
  "signature": "GDYXFzRNAjho9mKtFhdUVsTtOl6MRqjVQGrmOoXO--3nC6SKJMtGOoebZbcvuvdWy56ZltxZ_qcbiv5DTT2KVSQ6l706CZTsW3gHtizjrNT0RPN_DzzCHXT-gYwu-iHxFMsqKA7OPNryETMsky6BFJB1U6v60M1k2Q8T8kY18al1VV2m49-g7cZoIGi0G1Cw6M09qmY6AbemkU_pJfMkhOAZlvXQ0K8TQ06rwnZUWIaSqCV4Vn9h1RMJTyfNycl3CIaksbr1GHuXuPWrywCm9nNOX1kuOIYI4dnzucQDfNlpHKI0I2abkFYa6gJMCYEM36O6BC3e9wQbNTjha-VHFQ",
  "payload": ""
}
2022-12-07 12:59:15,147:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/185007966707 HTTP/1.1" 200 810
2022-12-07 12:59:15,148:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Wed, 07 Dec 2022 12:59:15 GMT
Content-Type: application/json
Content-Length: 810
Connection: keep-alive
Boulder-Requester: 859156827
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 2712jgb3hWMzV7VFl-bdl4tcEEKzSaPL3DphQ6sIVA28xPo
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "nas.christopherjohnson.dev"
  },
  "status": "pending",
  "expires": "2022-12-14T12:59:10Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/185007966707/9Aex6w",
      "token": "NcEZy0HXy0SahSsgXzs4hgI4AsdFNfpWTH7JvZEy_k0"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/185007966707/7coHXg",
      "token": "NcEZy0HXy0SahSsgXzs4hgI4AsdFNfpWTH7JvZEy_k0"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/185007966707/MIDVhw",
      "token": "NcEZy0HXy0SahSsgXzs4hgI4AsdFNfpWTH7JvZEy_k0"
    }
  ]
}
2022-12-07 12:59:15,148:DEBUG:acme.client:Storing nonce: 2712jgb3hWMzV7VFl-bdl4tcEEKzSaPL3DphQ6sIVA28xPo
2022-12-07 12:59:18,151:DEBUG:acme.client:JWS payload:
b''
2022-12-07 12:59:18,155:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/185007966707:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODU5MTU2ODI3IiwgIm5vbmNlIjogIjI3MTJqZ2IzaFdNelY3VkZsLWJkbDR0Y0VFS3pTYVBMM0RwaFE2c0lWQTI4eFBvIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8xODUwMDc5NjY3MDcifQ",
  "signature": "d9yAjOqzjBsHvw4lHFyt3qhkQDQfnYOhLCF1wV4DyhMJcE1HxzxL4KA7Si24sKmTtTfDRD3p6ArEKsRN33-Y_jWuTl3EopStK2vBHZZtPj1fd605lPf3HwWtybXHMr3tuveSlwJ-CvW0B9gGR92768q7elGGclKICZO0Ia1PES_Als4_prP8MKWX0dcSkRGAw0r5avrrlyeCiznc2hQS-HYGLSTjecbk9y59p-zpeVAoEUsa54Ww1TBGuXpA4H1URrh4fDxmbnjfRG7MKzZE6ttaVGCGmTkV_ymMat1h3n1OFfkp_xZcP5abQ6pe1wFSZUMnciKYGKQd0NH_jAjPTQ",
  "payload": ""
}
2022-12-07 12:59:18,262:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/185007966707 HTTP/1.1" 200 810
2022-12-07 12:59:18,263:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Wed, 07 Dec 2022 12:59:18 GMT
Content-Type: application/json
Content-Length: 810
Connection: keep-alive
Boulder-Requester: 859156827
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: A5FEPho-kxEeseJu23HFTGiORyMNRK7tU4Qq5KrdLx0_PgQ
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "nas.christopherjohnson.dev"
  },
  "status": "pending",
  "expires": "2022-12-14T12:59:10Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/185007966707/9Aex6w",
      "token": "NcEZy0HXy0SahSsgXzs4hgI4AsdFNfpWTH7JvZEy_k0"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/185007966707/7coHXg",
      "token": "NcEZy0HXy0SahSsgXzs4hgI4AsdFNfpWTH7JvZEy_k0"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/185007966707/MIDVhw",
      "token": "NcEZy0HXy0SahSsgXzs4hgI4AsdFNfpWTH7JvZEy_k0"
    }
  ]
}
2022-12-07 12:59:18,263:DEBUG:acme.client:Storing nonce: A5FEPho-kxEeseJu23HFTGiORyMNRK7tU4Qq5KrdLx0_PgQ
2022-12-07 12:59:21,267:DEBUG:acme.client:JWS payload:
b''
2022-12-07 12:59:21,271:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/185007966707:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODU5MTU2ODI3IiwgIm5vbmNlIjogIkE1RkVQaG8ta3hFZXNlSnUyM0hGVEdpT1J5TU5SSzd0VTRRcTVLcmRMeDBfUGdRIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8xODUwMDc5NjY3MDcifQ",
  "signature": "Q-sCAKiZv6vF_S5GCKw7IKv6x3EV3zmzzNYtg9d8GZVjc3QaWrmHOi5Xk75tWOVSdTz3r6abP2W9xnEpMXJh-3FaaFwgKgpRCiQHOVOjq_3IjoOoim2lM1Ci-3y1Iq80RKQ9IMFmnlOK9S9D4MwBF1aF3pXnzBQ5HCEYnUN_hASivG0DDoGjjtDaX993AXAbb3smldp8GXXpWVhEp_mxovDJkIKiDDoapTjuJo4HY9KKbk75oE0UgyRZcsQxwph-f2UCkG0W41VqcjCWeQ4JVi5cRWwnf489q7qwXKlT6Y3DPqhxqdkA_7LW35PwqVdk4UhVAh_ohiz5WKfAtYOyhg",
  "payload": ""
}
2022-12-07 12:59:21,365:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/185007966707 HTTP/1.1" 200 810
2022-12-07 12:59:21,366:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Wed, 07 Dec 2022 12:59:21 GMT
Content-Type: application/json
Content-Length: 810
Connection: keep-alive
Boulder-Requester: 859156827
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: A5FEPZ421BITTMWTRUBKtBxfdasVPlhSivihjIdHnZBg-Ek
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "nas.christopherjohnson.dev"
  },
  "status": "pending",
  "expires": "2022-12-14T12:59:10Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/185007966707/9Aex6w",
      "token": "NcEZy0HXy0SahSsgXzs4hgI4AsdFNfpWTH7JvZEy_k0"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/185007966707/7coHXg",
      "token": "NcEZy0HXy0SahSsgXzs4hgI4AsdFNfpWTH7JvZEy_k0"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/185007966707/MIDVhw",
      "token": "NcEZy0HXy0SahSsgXzs4hgI4AsdFNfpWTH7JvZEy_k0"
    }
  ]
}
2022-12-07 12:59:21,366:DEBUG:acme.client:Storing nonce: A5FEPZ421BITTMWTRUBKtBxfdasVPlhSivihjIdHnZBg-Ek
2022-12-07 12:59:24,367:DEBUG:acme.client:JWS payload:
b''
2022-12-07 12:59:24,371:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/185007966707:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODU5MTU2ODI3IiwgIm5vbmNlIjogIkE1RkVQWjQyMUJJVFRNV1RSVUJLdEJ4ZmRhc1ZQbGhTaXZpaGpJZEhuWkJnLUVrIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8xODUwMDc5NjY3MDcifQ",
  "signature": "QiAWJgZaTG-c7NrOjxpqFPTk9WqYowX7k_Q0auixLHvTOVJPvxhcsoUuNCEVIHNkFxmuTS0EL1Ze1bm-MBDpYuKhNg5xPo4iSizXWJFcCRRaAXlq682yIE3_tP2z1y9mmvvPJB94Uh69gkdpTUfbBLpsmui2JEZqiZkdUUo21jE2lWX69sP8r23wC2H7tkAmsPC5KLy_jW4tVf_SmoTMIudVc_Jki8TwX3X0EIeT2UqQZlKtgM9lpZqupaHwpyjTRg0gwcWvwwADTpkGGiV3F1QIfFR1SUwRiwKFwhZ14gEyA7ht1MOiY0cE6HNQYtz8u1mui1A_xRBgKDqLEq8_qA",
  "payload": ""
}
2022-12-07 12:59:24,477:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/185007966707 HTTP/1.1" 200 810
2022-12-07 12:59:24,478:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Wed, 07 Dec 2022 12:59:24 GMT
Content-Type: application/json
Content-Length: 810
Connection: keep-alive
Boulder-Requester: 859156827
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: F977gd-FAr8K6-UTiBf-RnnwcZhfCUdzk0LLfTnSN_cEAOY
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "nas.christopherjohnson.dev"
  },
  "status": "pending",
  "expires": "2022-12-14T12:59:10Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/185007966707/9Aex6w",
      "token": "NcEZy0HXy0SahSsgXzs4hgI4AsdFNfpWTH7JvZEy_k0"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/185007966707/7coHXg",
      "token": "NcEZy0HXy0SahSsgXzs4hgI4AsdFNfpWTH7JvZEy_k0"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/185007966707/MIDVhw",
      "token": "NcEZy0HXy0SahSsgXzs4hgI4AsdFNfpWTH7JvZEy_k0"
    }
  ]
}
2022-12-07 12:59:24,478:DEBUG:acme.client:Storing nonce: F977gd-FAr8K6-UTiBf-RnnwcZhfCUdzk0LLfTnSN_cEAOY
2022-12-07 12:59:27,482:DEBUG:acme.client:JWS payload:
b''
2022-12-07 12:59:27,485:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/185007966707:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODU5MTU2ODI3IiwgIm5vbmNlIjogIkY5NzdnZC1GQXI4SzYtVVRpQmYtUm5ud2NaaGZDVWR6azBMTGZUblNOX2NFQU9ZIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8xODUwMDc5NjY3MDcifQ",
  "signature": "HCbr6ixeKTqIkcwfVSfIce5JIvPbtur1zGpTpSbUdVcfYDsj90mzOoSyskDjMOFYmYYGseLVuBqTvEE1ZdCSVbbcVZTmYMsXGVov7Zc82PBb8r1eN2lo0Vc3CLSoe57gImlsq3_hKEyEJLfKbeYTqCkQVJO66UrBkgw5W9uDJEzwqSJnMMRxEdlkYH1-bW4D-p1S5fGEWGrLMacg226B38eqK346oznYq5omrkoxXaYb9qAlFNfSEIo5r3T6lPwvwxwASFWYSLTj7hwUQYa6dhvxsYwVmOLpVZKwgGERu0fXls5yKa6otygLNkRYXp2n6p7sDYieBPRc8vBlWf8qKw",
  "payload": ""
}
2022-12-07 12:59:27,584:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/185007966707 HTTP/1.1" 200 810
2022-12-07 12:59:27,585:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Wed, 07 Dec 2022 12:59:27 GMT
Content-Type: application/json
Content-Length: 810
Connection: keep-alive
Boulder-Requester: 859156827
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: F9771i_VWLVmNvEI0Mi1h3QTlhHFRql5DfEjhyNRdsP1Ygk
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "nas.christopherjohnson.dev"
  },
  "status": "pending",
  "expires": "2022-12-14T12:59:10Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/185007966707/9Aex6w",
      "token": "NcEZy0HXy0SahSsgXzs4hgI4AsdFNfpWTH7JvZEy_k0"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/185007966707/7coHXg",
      "token": "NcEZy0HXy0SahSsgXzs4hgI4AsdFNfpWTH7JvZEy_k0"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/185007966707/MIDVhw",
      "token": "NcEZy0HXy0SahSsgXzs4hgI4AsdFNfpWTH7JvZEy_k0"
    }
  ]
}
2022-12-07 12:59:27,585:DEBUG:acme.client:Storing nonce: F9771i_VWLVmNvEI0Mi1h3QTlhHFRql5DfEjhyNRdsP1Ygk
2022-12-07 12:59:30,589:DEBUG:acme.client:JWS payload:
b''
2022-12-07 12:59:30,593:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/185007966707:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODU5MTU2ODI3IiwgIm5vbmNlIjogIkY5NzcxaV9WV0xWbU52RUkwTWkxaDNRVGxoSEZScWw1RGZFamh5TlJkc1AxWWdrIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8xODUwMDc5NjY3MDcifQ",
  "signature": "J96DbQH1K32F5c6EBATRnTNG6u7cVc5DatBp95HFScVx8u7hRxmrWuQiM8KsqUjgtu08Qu_9vUnCNu6SEI1rrHxYDKqXPkEj2gVq5BEgcrW5gmxkK48xZeaXb822h3pdLt3N4bX9lmUK14aIafyd0nHSoa-sfvAije_CSdFXCxC36LBg5RWnOmPXqrK6BUJEbsRJWujJBPUrisYGIWjm1HEwjBnXys_anSBhf9ebA_g7X4Ot2ZtqeZk-p3XPdUaiNBeJGSkeylpQYxzzTRzXQBuM5TtP5k9uGHkE-GQlQu4_d11isLrfw2WuR8sPSkiHE0MT4IUmO9AuDsIAeXbfPQ",
  "payload": ""
}
2022-12-07 12:59:30,687:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/185007966707 HTTP/1.1" 200 810
2022-12-07 12:59:30,688:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Wed, 07 Dec 2022 12:59:30 GMT
Content-Type: application/json
Content-Length: 810
Connection: keep-alive
Boulder-Requester: 859156827
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 2712xLPo5DTENzEsDlLk8PjDlwkg0i_Oa2Kx3YRSu1PNdic
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "nas.christopherjohnson.dev"
  },
  "status": "pending",
  "expires": "2022-12-14T12:59:10Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/185007966707/9Aex6w",
      "token": "NcEZy0HXy0SahSsgXzs4hgI4AsdFNfpWTH7JvZEy_k0"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/185007966707/7coHXg",
      "token": "NcEZy0HXy0SahSsgXzs4hgI4AsdFNfpWTH7JvZEy_k0"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/185007966707/MIDVhw",
      "token": "NcEZy0HXy0SahSsgXzs4hgI4AsdFNfpWTH7JvZEy_k0"
    }
  ]
}
2022-12-07 12:59:30,688:DEBUG:acme.client:Storing nonce: 2712xLPo5DTENzEsDlLk8PjDlwkg0i_Oa2Kx3YRSu1PNdic
2022-12-07 12:59:33,692:DEBUG:acme.client:JWS payload:
b''
2022-12-07 12:59:33,696:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/185007966707:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODU5MTU2ODI3IiwgIm5vbmNlIjogIjI3MTJ4TFBvNURURU56RXNEbExrOFBqRGx3a2cwaV9PYTJLeDNZUlN1MVBOZGljIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8xODUwMDc5NjY3MDcifQ",
  "signature": "GRyhyRSs2A3VMtJ-0EEn45yTnw7CYxCwL_YKhBboHTwIViiYSg86EasyyaRkJkayu0aOuzSE44rXjAl3nIW61lGq4NCTnB9Dg0LDHjN2YGAgT7gTqZ_xV7VKWIEToCwtYA2dchNTMkAqF9hC9rd_30FzHomLG2Ba9v5rsnARV5-pwoR4jOW9drdZd8NyET5tSIUQfXy8V8C4I_sCGYJ_b8ExcCtJTmQNr415JPk7G_FXTlkTujTe6K26rqp47Y5YDUe4tnA6X3HT-jQLm2vQqHMIC7gW_tSspxPmyohWrvZIsL2Xcymwu-62ti-NujsEZxVZCB4pK0Fs5RoGh9c5Bg",
  "payload": ""
}
2022-12-07 12:59:33,791:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/185007966707 HTTP/1.1" 200 810
2022-12-07 12:59:33,793:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Wed, 07 Dec 2022 12:59:33 GMT
Content-Type: application/json
Content-Length: 810
Connection: keep-alive
Boulder-Requester: 859156827
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: C400uuGSKmTr8LqtZbnJVgIPyN9vmDqKz7yr_reTMeERlYg
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "nas.christopherjohnson.dev"
  },
  "status": "pending",
  "expires": "2022-12-14T12:59:10Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/185007966707/9Aex6w",
      "token": "NcEZy0HXy0SahSsgXzs4hgI4AsdFNfpWTH7JvZEy_k0"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/185007966707/7coHXg",
      "token": "NcEZy0HXy0SahSsgXzs4hgI4AsdFNfpWTH7JvZEy_k0"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/185007966707/MIDVhw",
      "token": "NcEZy0HXy0SahSsgXzs4hgI4AsdFNfpWTH7JvZEy_k0"
    }
  ]
}
2022-12-07 12:59:33,793:DEBUG:acme.client:Storing nonce: C400uuGSKmTr8LqtZbnJVgIPyN9vmDqKz7yr_reTMeERlYg
2022-12-07 12:59:36,796:DEBUG:acme.client:JWS payload:
b''
2022-12-07 12:59:36,801:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/185007966707:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODU5MTU2ODI3IiwgIm5vbmNlIjogIkM0MDB1dUdTS21UcjhMcXRaYm5KVmdJUHlOOXZtRHFLejd5cl9yZVRNZUVSbFlnIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8xODUwMDc5NjY3MDcifQ",
  "signature": "CW1SPck6gkbVmsg_FlplmCSiKl1usqhDTtsLC6uQfK1dNJMlezO-Cfrkbe2RixEljQKV5NB9PEMiqDc4fRGAcyxipW6KfxxlJhKg2PGQJ2oik6fq659Y3Re-m5a2AGu9T2Tfm2p8yvU6JERXDFPIDPosBLTeiOXisEGnWJNHb48mhmX9CraQHdqm2qWmQAd2Y2YwBwS3NYNNdDinVb-LlmBTsHjLNpIzh-ZUVpr2wEzzetGvpKuiPFxUPgQ0exYyFdIKnaE4RKSW_Q0MESPT7rT1m3vuVLAWFZO4fg0_AqxVMbJPqnLiJc_g_CsMc4boMds0SLYS8htO443ruwF7XA",
  "payload": ""
}
2022-12-07 12:59:36,922:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/185007966707 HTTP/1.1" 200 810
2022-12-07 12:59:36,923:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Wed, 07 Dec 2022 12:59:36 GMT
Content-Type: application/json
Content-Length: 810
Connection: keep-alive
Boulder-Requester: 859156827
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: C400Qa6xdDF-bgPVsskAMM1M4yyKxK9L4T-I0Kr9dYNOODc
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "nas.christopherjohnson.dev"
  },
  "status": "pending",
  "expires": "2022-12-14T12:59:10Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/185007966707/9Aex6w",
      "token": "NcEZy0HXy0SahSsgXzs4hgI4AsdFNfpWTH7JvZEy_k0"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/185007966707/7coHXg",
      "token": "NcEZy0HXy0SahSsgXzs4hgI4AsdFNfpWTH7JvZEy_k0"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/185007966707/MIDVhw",
      "token": "NcEZy0HXy0SahSsgXzs4hgI4AsdFNfpWTH7JvZEy_k0"
    }
  ]
}
2022-12-07 12:59:36,923:DEBUG:acme.client:Storing nonce: C400Qa6xdDF-bgPVsskAMM1M4yyKxK9L4T-I0Kr9dYNOODc
2022-12-07 12:59:39,927:DEBUG:acme.client:JWS payload:
b''
2022-12-07 12:59:39,931:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/185007966707:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODU5MTU2ODI3IiwgIm5vbmNlIjogIkM0MDBRYTZ4ZERGLWJnUFZzc2tBTU0xTTR5eUt4SzlMNFQtSTBLcjlkWU5PT0RjIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8xODUwMDc5NjY3MDcifQ",
  "signature": "dkeY-l78Sn6KFO9IeBkPET8N6RpakhvKKqibbHqEff5oNpX26TEllo2GXvWOka0hs25azq2JZi6bjgYYo86eWJfWo2yvtoJUzwzKE6D2lWORpHPMAbXW2JN_nbOfEorc3hkcVtVB3EEJHdNQmvouGUwyukclwdvJMvXOw5EuOmvCJ-92nSoGLeBMTefXRukfivLr7NfnDPYSukMBJa4NlX3dsMJagFk6-sKeSvPC8IDDXlMwMxQn-o3FSmTusTo_4MBG4LFF-A3wa_VmDgjrGlgSaqI4_NGt-QCUbWCFIgGScXsXZV1SsgUK7KRNBqcgL1dwMlyq4a80QAhyoIowMg",
  "payload": ""
}
2022-12-07 12:59:40,038:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/185007966707 HTTP/1.1" 200 810
2022-12-07 12:59:40,039:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Wed, 07 Dec 2022 12:59:39 GMT
Content-Type: application/json
Content-Length: 810
Connection: keep-alive
Boulder-Requester: 859156827
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: A5FENKVl8ElrSp5Bw7xKo3cHOmHGLvUy75BgsjEPmAHr484
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "nas.christopherjohnson.dev"
  },
  "status": "pending",
  "expires": "2022-12-14T12:59:10Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/185007966707/9Aex6w",
      "token": "NcEZy0HXy0SahSsgXzs4hgI4AsdFNfpWTH7JvZEy_k0"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/185007966707/7coHXg",
      "token": "NcEZy0HXy0SahSsgXzs4hgI4AsdFNfpWTH7JvZEy_k0"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/185007966707/MIDVhw",
      "token": "NcEZy0HXy0SahSsgXzs4hgI4AsdFNfpWTH7JvZEy_k0"
    }
  ]
}
2022-12-07 12:59:40,039:DEBUG:acme.client:Storing nonce: A5FENKVl8ElrSp5Bw7xKo3cHOmHGLvUy75BgsjEPmAHr484
2022-12-07 12:59:43,043:DEBUG:acme.client:JWS payload:
b''
2022-12-07 12:59:43,047:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/185007966707:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODU5MTU2ODI3IiwgIm5vbmNlIjogIkE1RkVOS1ZsOEVsclNwNUJ3N3hLbzNjSE9tSEdMdlV5NzVCZ3NqRVBtQUhyNDg0IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8xODUwMDc5NjY3MDcifQ",
  "signature": "CaOTVOE6A2VC6rm7T3s2UKWbw9vd3kVcrDdkrHSdckKwpODTisHI5_-1dVm6ZM4WIly0TQywbC2jWshmCJWjciT8AQpCBZd3RPf8NELEmd0vcVdGa4Mb1-c8d4GZISa7R6Ki9JV0shD-X4PkWuB4pfvMyEEV0IFP7IFxtaQLKEF3_vvaUpthWduV9u28dXpB2BalD07qfocQq4MJ6VUjVFh8W2iYqL06TLQzqTeV3Nw4eW1s0P1SP0pXWJ_nvIORlD7wXhu57TjeSZywMj73olt1zW5Lz1zXt0WeET-5I5r13M2zKzoJeI3-FCDDTawIGTV3X117feC4ZGn8sfx0bA",
  "payload": ""
}
2022-12-07 12:59:43,144:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/185007966707 HTTP/1.1" 200 1208
2022-12-07 12:59:43,145:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Wed, 07 Dec 2022 12:59:43 GMT
Content-Type: application/json
Content-Length: 1208
Connection: keep-alive
Boulder-Requester: 859156827
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: A5FELoYsHcLLyA5O3L2HWTUbAMonoN15LIrh6dxyiqcacEU
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "nas.christopherjohnson.dev"
  },
  "status": "invalid",
  "expires": "2022-12-14T12:59:10Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "invalid",
      "error": {
        "type": "urn:ietf:params:acme:error:unauthorized",
        "detail": "2606:4700:3035::6815:34cb: Invalid response from http://nas.christopherjohnson.dev/.well-known/acme-challenge/NcEZy0HXy0SahSsgXzs4hgI4AsdFNfpWTH7JvZEy_k0: 522",
        "status": 403
      },
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/185007966707/9Aex6w",
      "token": "NcEZy0HXy0SahSsgXzs4hgI4AsdFNfpWTH7JvZEy_k0",
      "validationRecord": [
        {
          "url": "http://nas.christopherjohnson.dev/.well-known/acme-challenge/NcEZy0HXy0SahSsgXzs4hgI4AsdFNfpWTH7JvZEy_k0",
          "hostname": "nas.christopherjohnson.dev",
          "port": "80",
          "addressesResolved": [
            "104.21.52.203",
            "172.67.203.164",
            "2606:4700:3035::6815:34cb",
            "2606:4700:3037::ac43:cba4"
          ],
          "addressUsed": "2606:4700:3035::6815:34cb"
        }
      ],
      "validated": "2022-12-07T12:59:10Z"
    }
  ]
}
2022-12-07 12:59:43,146:DEBUG:acme.client:Storing nonce: A5FELoYsHcLLyA5O3L2HWTUbAMonoN15LIrh6dxyiqcacEU
2022-12-07 12:59:43,146:INFO:certbot._internal.auth_handler:Challenge failed for domain nas.christopherjohnson.dev
2022-12-07 12:59:43,146:INFO:certbot._internal.auth_handler:http-01 challenge for nas.christopherjohnson.dev
2022-12-07 12:59:43,147:DEBUG:certbot._internal.display.obj:Notifying user: 
Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:
  Domain: nas.christopherjohnson.dev
  Type:   unauthorized
  Detail: 2606:4700:3035::6815:34cb: Invalid response from http://nas.christopherjohnson.dev/.well-known/acme-challenge/NcEZy0HXy0SahSsgXzs4hgI4AsdFNfpWTH7JvZEy_k0: 522

Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet.

2022-12-07 12:59:43,147:DEBUG:certbot._internal.error_handler:Encountered exception:
Traceback (most recent call last):
  File "/usr/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 106, in handle_authorizations
    self._poll_authorizations(authzrs, max_retries, best_effort)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 206, in _poll_authorizations
    raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.

2022-12-07 12:59:43,147:DEBUG:certbot._internal.error_handler:Calling registered functions
2022-12-07 12:59:43,147:INFO:certbot._internal.auth_handler:Cleaning up challenges
2022-12-07 12:59:43,148:DEBUG:certbot._internal.plugins.webroot:Removing /data/letsencrypt-acme-challenge/.well-known/acme-challenge/NcEZy0HXy0SahSsgXzs4hgI4AsdFNfpWTH7JvZEy_k0
2022-12-07 12:59:43,148:DEBUG:certbot._internal.plugins.webroot:All challenges cleaned up
2022-12-07 12:59:43,149:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
  File "/usr/bin/certbot", line 8, in <module>
    sys.exit(main())
  File "/usr/lib/python3.9/site-packages/certbot/main.py", line 19, in main
    return internal_main.main(cli_args)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/main.py", line 1744, in main
    return config.func(config, plugins)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/main.py", line 1591, in certonly
    lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/main.py", line 141, in _get_and_save_cert
    lineage = le_client.obtain_and_enroll_certificate(domains, certname)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/client.py", line 513, in obtain_and_enroll_certificate
    cert, chain, key, _ = self.obtain_certificate(domains)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/client.py", line 441, in obtain_certificate
    orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/client.py", line 493, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 106, in handle_authorizations
    self._poll_authorizations(authzrs, max_retries, best_effort)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 206, in _poll_authorizations
    raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.
2022-12-07 12:59:43,150:ERROR:certbot._internal.log:Some challenges have failed.

Welcome to the community @Programazing

Well, that is a complex mix: Proxied Cloudflare (CDN), Synology NAS, Docker, NPM

You have some work to do to get HTTP connection to your server working.

The key part of the error is the 522 error code. Cloudflare is returning that error due to comms problems between its CDN Edge and your Origin Server. See the Cloudflare troubleshooting guide (link here)

You might also consider using a Cloudflare Origin CA Cert. It would avoid needing to use a Let's Encrypt cert at all. Read more about that (link here). I am not certain how that interacts with NPM but you could ask about that on the Cloudflare community forum (or NPM's).

Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:
  Domain: nas.christopherjohnson.dev
  Type:   unauthorized
  Detail: 2606:4700:3035::6815:34cb: Invalid response from http://nas.christopherjohnson.dev/.well-known/acme-challenge/NcEZy0HXy0SahSsgXzs4hgI4AsdFNfpWTH7JvZEy_k0: 522
3 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.