cPanel - unable to find SOA record

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: lan.chirag.uk

I ran this command: Used nginxproxymanager to add SSL via DNS validation.

It produced this output:

CommandError: Saving debug log to /tmp/letsencrypt-log/letsencrypt.log
Error adding TXT record: Unable to find SOA record.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /tmp/letsencrypt-log/letsencrypt.log or re-run Certbot with -v for more details.

    at /app/lib/utils.js:16:13
    at ChildProcess.exithandler (node:child_process:430:5)
    at ChildProcess.emit (node:events:519:28)
    at maybeClose (node:internal/child_process:1105:16)
    at ChildProcess._handle.onexit (node:internal/child_process:305:5)

From the logfile mentioned above

2024-12-16 11:38:03,114:DEBUG:acme.client:Storing nonce: GJdccAF6WgNcqXG0vA7O4JvVL0hQFSHPzgQy7q3jle9C4xQgsQ4
2024-12-16 11:38:03,115:INFO:certbot._internal.auth_handler:Performing the following challenges:
2024-12-16 11:38:03,115:INFO:certbot._internal.auth_handler:dns-01 challenge for lan.chirag.uk
2024-12-16 11:38:03,115:INFO:certbot._internal.auth_handler:dns-01 challenge for lan.chirag.uk
2024-12-16 11:38:03,463:DEBUG:certbot_dns_cpanel.dns_cpanel:{'preevent': {'result': 1}, 'func': 'fetchzones', 'data': [{'statusmsg': 'Zones fetched', 'zones': [REDACTED], 'status': 1}]}
2024-12-16 11:38:04,837:DEBUG:certbot_dns_cpanel.dns_cpanel:{'func': 'fetchzone_records', 'apiversion': 2, 'event': {'result': 1}, 'preevent': {'result': 1}, 'data': [], 'postevent': {'result': 1}, 'module': 'ZoneEdit'}
2024-12-16 11:38:04,837:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
  File "/opt/certbot/bin/certbot", line 8, in <module>
    sys.exit(main())
             ^^^^^^
  File "/opt/certbot/lib/python3.11/site-packages/certbot/main.py", line 19, in main
    return internal_main.main(cli_args)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/main.py", line 1894, in main
    return config.func(config, plugins)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/main.py", line 1600, in certonly
    lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/main.py", line 143, in _get_and_save_cert
    lineage = le_client.obtain_and_enroll_certificate(domains, certname)
              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/client.py", line 517, in obtain_and_enroll_certificate
    cert, chain, key, _ = self.obtain_certificate(domains)
                          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/client.py", line 428, in obtain_certificate
    orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/client.py", line 496, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/auth_handler.py", line 88, in handle_authorizations
    resps = self.auth.perform(achalls)
            ^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/certbot/lib/python3.11/site-packages/certbot/plugins/dns_common.py", line 76, in perform
    self._perform(domain, validation_domain_name, validation)
  File "/opt/certbot/lib/python3.11/site-packages/certbot_dns_cpanel/dns_cpanel.py", line 58, in _perform
    self._get_cpanel_client().add_txt_record(validation_domain_name, validation)
  File "/opt/certbot/lib/python3.11/site-packages/certbot_dns_cpanel/dns_cpanel.py", line 112, in add_txt_record
    raise errors.PluginError("Error adding TXT record: %s" % response_data['data'][0]['result']['statusmsg'])
certbot.errors.PluginError: Error adding TXT record: Unable to find SOA record.
2024-12-16 11:38:04,839:ERROR:certbot._internal.log:Error adding TXT record: Unable to find SOA record.

My web server is (include version): NA

The operating system my web server runs on is (include version): Debian

My hosting provider, if applicable, is: Running cPanel with generic host. When logging into cPanel no SOA records are shown. The host says they are only shown in WHM, not cPanel.

I can login to a root shell on my machine (yes or no, or I don't know): The machine running nginxproxymanager, yes. Not on the box running DNS records.

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): cPanel 120.0.22

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): Not sure - whatever comes packaged with nginx proxy manager.

Thank you for providing the Certbot log file. That's not commonly done with NPM, so that helps us greatly. 🙂

It appears NPM is using the third-party DNS plugin certbot-dns-cpanel. Are you absolutely sure your cPanel has the domain chirag.uk configured somewhere in some DNS configuration? (I'm not familiar with cPanel, nor NPM, sorry.)

Maybe you need to select a different DNS provider in NPM? Not sure which one though. Your DNS seems to be hosted by rxhost.co.uk (your domain has ns{1,2}.rxhost.co.uk listed as nameservers). And I don't know how you'd interface with them in NPM.
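The question raised in the reply (does this cPanel account actually hold the zone?) can be checked from the DEBUG lines the plugin already wrote to the log. The following is an added example, not part of the thread and not the plugin's own code: it parses those lines, tolerates the redacted zone list, and flags a zone list that does not cover the name or a `fetchzone_records` call that succeeded with no records. `parse_plugin_calls`, `covering_zone` and `diagnose` are hypothetical helper names, and the suffix match is ordinary DNS zone reasoning, not a claim about how certbot-dns-cpanel picks a zone.

```python
import ast
import re

# The two plugin DEBUG lines from the log above, embedded so the example runs offline.
SAMPLE_LOG = (
    "2024-12-16 11:38:03,463:DEBUG:certbot_dns_cpanel.dns_cpanel:{'preevent': {'result': 1}, 'func': 'fetchzones', 'data': [{'statusmsg': 'Zones fetched', 'zones': [REDACTED], 'status': 1}]}\n"
    "2024-12-16 11:38:04,837:DEBUG:certbot_dns_cpanel.dns_cpanel:{'func': 'fetchzone_records', 'apiversion': 2, 'event': {'result': 1}, 'preevent': {'result': 1}, 'data': [], 'postevent': {'result': 1}, 'module': 'ZoneEdit'}\n"
)
LINE_RE = re.compile(r"DEBUG:certbot_dns_cpanel\.dns_cpanel:(\{.*\})\s*$")

def parse_plugin_calls(log_text):
    """Return the cPanel API response dicts the plugin logged at DEBUG level."""
    calls = []
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue
        # Redacted logs carry a bare REDACTED token; quote it so the repr parses.
        payload = re.sub(r"\bREDACTED\b", "'REDACTED'", m.group(1))
        try:
            calls.append(ast.literal_eval(payload))
        except (ValueError, SyntaxError):
            continue  # truncated or otherwise unparseable line
    return calls

def covering_zone(name, zones):
    """Longest zone that equals `name` or is a parent of it, else None."""
    name = name.rstrip(".").lower()
    hits = [z for z in zones if name == z.lower() or name.endswith("." + z.lower())]
    return max(hits, key=len) if hits else None

def diagnose(log_text, domain):
    """List the conditions in the log that precede the SOA error."""
    findings = []
    for call in parse_plugin_calls(log_text):
        func, data = call.get("func"), call.get("data", [])
        if func == "fetchzones":
            zones = [z for d in data for z in d.get("zones", [])]
            if "REDACTED" in zones:
                findings.append("zone list redacted: compare it with the domain by hand")
            elif covering_zone("_acme-challenge." + domain, zones) is None:
                findings.append("no zone in this cPanel account covers " + domain)
        elif func == "fetchzone_records" and call.get("event", {}).get("result") == 1 and not data:
            findings.append("fetchzone_records succeeded but returned no records")
    return findings

if __name__ == "__main__":
    print("\n".join(diagnose(SAMPLE_LOG, "lan.chirag.uk")))
```
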
