Internal Error when i tried to add proxy host

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:https://okorodesigneztees.com

I ran this command:Proxy Host

It produced this output:Internal Error

[7/17/2021] [5:39:23 AM] [IP Ranges] › info Fetching https://ip-ranges.amazonaws.com/ip-ranges.json,
[7/17/2021] [5:39:27 AM] [IP Ranges] › info Fetching https://www.cloudflare.com/ips-v4,
[7/17/2021] [5:39:27 AM] [IP Ranges] › info Fetching https://www.cloudflare.com/ips-v6,
[7/17/2021] [5:39:29 AM] [Nginx ] › info Reloading Nginx,
[7/17/2021] [5:39:30 AM] [Nginx ] › info Reloading Nginx,
[7/17/2021] [5:39:30 AM] [SSL ] › info Renew Complete,
[7/17/2021] [6:39:22 AM] [SSL ] › info Renewing SSL certs close to expiry...,
[7/17/2021] [6:39:23 AM] [Nginx ] › info Reloading Nginx,
[7/17/2021] [6:39:23 AM] [SSL ] › info Renew Complete,
[7/17/2021] [7:39:22 AM] [SSL ] › info Renewing SSL certs close to expiry...,
[7/17/2021] [7:39:23 AM] [Nginx ] › info Reloading Nginx,
[7/17/2021] [7:39:23 AM] [SSL ] › info Renew Complete,
[7/17/2021] [8:39:22 AM] [SSL ] › info Renewing SSL certs close to expiry...,
[7/17/2021] [8:39:23 AM] [Nginx ] › info Reloading Nginx,
[7/17/2021] [8:39:23 AM] [SSL ] › info Renew Complete,
[7/17/2021] [9:39:22 AM] [SSL ] › info Renewing SSL certs close to expiry...,
[7/17/2021] [9:39:23 AM] [Nginx ] › info Reloading Nginx,
[7/17/2021] [9:39:23 AM] [SSL ] › info Renew Complete,
[7/17/2021] [10:39:22 AM] [SSL ] › info Renewing SSL certs close to expiry...,
[7/17/2021] [10:39:23 AM] [Nginx ] › info Reloading Nginx,
[7/17/2021] [10:39:23 AM] [SSL ] › info Renew Complete,
[7/17/2021] [11:39:22 AM] [SSL ] › info Renewing SSL certs close to expiry...,
[7/17/2021] [11:39:23 AM] [IP Ranges] › info Fetching IP Ranges from online services...,
[7/17/2021] [11:39:23 AM] [IP Ranges] › info Fetching https://ip-ranges.amazonaws.com/ip-ranges.json,
[7/17/2021] [11:39:23 AM] [IP Ranges] › info Fetching https://www.cloudflare.com/ips-v4,
[7/17/2021] [11:39:23 AM] [Nginx ] › info Reloading Nginx,
[7/17/2021] [11:39:23 AM] [SSL ] › info Renew Complete,
[7/17/2021] [11:39:23 AM] [IP Ranges] › info Fetching https://www.cloudflare.com/ips-v6,
[7/17/2021] [11:39:23 AM] [Nginx ] › info Reloading Nginx,
[7/17/2021] [12:39:22 PM] [SSL ] › info Renewing SSL certs close to expiry...,
[7/17/2021] [12:39:23 PM] [Nginx ] › info Reloading Nginx,
[7/17/2021] [12:39:23 PM] [SSL ] › info Renew Complete,
Connection Error: Error: read ECONNRESET,
[7/17/2021] [1:17:17 PM] [Nginx ] › info Reloading Nginx,
[7/17/2021] [1:17:17 PM] [SSL ] › info Requesting Let'sEncrypt certificates for Cert #12: okorodesigneztees.com,
[7/17/2021] [1:17:30 PM] [Nginx ] › info Reloading Nginx,
[7/17/2021] [1:17:30 PM] [Express ] › warning Command failed: certbot certonly --non-interactive --config "/etc/letsencrypt.ini" --cert-name "npm-12" --agree-tos --email "prokoro@hotmail.com" --preferred-challenges "dns,http" --domains "okorodesigneztees.com" ,
Saving debug log to /var/log/letsencrypt/letsencrypt.log,
Some challenges have failed.,
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.,
,
[7/17/2021] [1:19:04 PM] [Nginx ] › info Reloading Nginx,
[7/17/2021] [1:37:01 PM] [Nginx ] › info Reloading Nginx,
[7/17/2021] [1:38:45 PM] [Nginx ] › info Reloading Nginx,
[7/17/2021] [1:39:22 PM] [SSL ] › info Renewing SSL certs close to expiry...,
[7/17/2021] [1:39:26 PM] [Nginx ] › info Reloading Nginx,
[7/17/2021] [1:39:26 PM] [SSL ] › info Renew Complete,
[7/17/2021] [1:40:06 PM] [Nginx ] › info Reloading Nginx,
[7/17/2021] [1:41:50 PM] [Nginx ] › info Reloading Nginx,
[7/17/2021] [1:47:22 PM] [Nginx ] › info Reloading Nginx,
[7/17/2021] [1:48:17 PM] [Nginx ] › info Reloading Nginx,
[7/17/2021] [2:37:48 PM] [Nginx ] › info Reloading Nginx,
[7/17/2021] [2:37:48 PM] [SSL ] › info Requesting Let'sEncrypt certificates for Cert #13: okorodesigneztees.com,
[7/17/2021] [2:38:08 PM] [Nginx ] › info Reloading Nginx,
[7/17/2021] [2:38:08 PM] [Express ] › warning Command failed: certbot certonly --non-interactive --config "/etc/letsencrypt.ini" --cert-name "npm-13" --agree-tos --email "prokoro@hotmail.com" --preferred-challenges "dns,http" --domains "okorodesigneztees.com" ,
Saving debug log to /var/log/letsencrypt/letsencrypt.log,
Some challenges have failed.,
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.,
,
[7/17/2021] [2:39:06 PM] [Nginx ] › info Reloading Nginx,
[7/17/2021] [2:39:22 PM] [SSL ] › info Renewing SSL certs close to expiry...,
[7/17/2021] [2:39:23 PM] [Nginx ] › info Reloading Nginx,
[7/17/2021] [2:39:23 PM] [SSL ] › info Renew Complete,
[7/17/2021] [2:55:08 PM] [Nginx ] › info Reloading Nginx,
[7/17/2021] [3:39:22 PM] [SSL ] › info Renewing SSL certs close to expiry...,
[7/17/2021] [3:39:23 PM] [Nginx ] › info Reloading Nginx,
[7/17/2021] [3:39:23 PM] [SSL ] › info Renew Complete,
[7/17/2021] [4:39:22 PM] [SSL ] › info Renewing SSL certs close to expiry...,
[7/17/2021] [4:39:23 PM] [Nginx ] › info Reloading Nginx,
[7/17/2021] [4:39:23 PM] [SSL ] › info Renew Complete,
[7/17/2021] [5:39:22 PM] [SSL ] › info Renewing SSL certs close to expiry...,
[7/17/2021] [5:39:23 PM] [IP Ranges] › info Fetching IP Ranges from online services...,
[7/17/2021] [5:39:23 PM] [IP Ranges] › info Fetching https://ip-ranges.amazonaws.com/ip-ranges.json,
[7/17/2021] [5:39:25 PM] [IP Ranges] › info Fetching https://www.cloudflare.com/ips-v4,
[7/17/2021] [5:39:25 PM] [IP Ranges] › info Fetching https://www.cloudflare.com/ips-v6,
[7/17/2021] [5:39:27 PM] [Nginx ] › info Reloading Nginx,
[7/17/2021] [5:39:28 PM] [Nginx ] › info Reloading Nginx,
[7/17/2021] [5:39:28 PM] [SSL ] › info Renew Complete,
[7/17/2021] [5:59:31 PM] [Nginx ] › info Reloading Nginx,
[7/17/2021] [5:59:31 PM] [SSL ] › info Requesting Let'sEncrypt certificates for Cert #14: okorodesigneztees.com,
[7/17/2021] [6:00:08 PM] [Nginx ] › info Reloading Nginx,
[7/17/2021] [6:00:08 PM] [Express ] › warning Command failed: certbot certonly --non-interactive --config "/etc/letsencrypt.ini" --cert-name "npm-14" --agree-tos --email "prokoro@hotmail.com" --preferred-challenges "dns,http" --domains "okorodesigneztees.com" ,
Saving debug log to /var/log/letsencrypt/letsencrypt.log,
Some challenges have failed.,
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.,
,
[7/17/2021] [6:00:26 PM] [Nginx ] › info Reloading Nginx,
[7/17/2021] [6:03:39 PM] [Nginx ] › info Reloading Nginx,
[7/17/2021] [6:03:39 PM] [SSL ] › info Requesting Let'sEncrypt certificates for Cert #15: okorodesigneztees.com,
[7/17/2021] [6:04:03 PM] [Nginx ] › info Reloading Nginx,
[7/17/2021] [6:04:03 PM] [Express ] › warning Command failed: certbot certonly --non-interactive --config "/etc/letsencrypt.ini" --cert-name "npm-15" --agree-tos --email "prokoro@hotmail.com" --preferred-challenges "dns,http" --domains "okorodesigneztees.com" ,
Saving debug log to /var/log/letsencrypt/letsencrypt.log,
Some challenges have failed.,
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.,
,
[7/17/2021] [6:04:25 PM] [Nginx ] › info Reloading Nginx,
[7/17/2021] [6:05:14 PM] [Nginx ] › info Reloading Nginx,
[7/17/2021] [6:07:20 PM] [Nginx ] › info Reloading Nginx,
[7/17/2021] [6:08:53 PM] [Nginx ] › info Reloading Nginx,
[7/17/2021] [6:11:24 PM] [Nginx ] › info Reloading Nginx

My web server is (include version):Ubuntu 20.04 portainer running on a Docker Container

The operating system my web server runs on is (include version):yes, Ubuntu 20.04

My hosting provider, if applicable, is: got my domain from pork-bun but i am hosting my own site on Ubuntu docker container with portainer, word-press and nginx setup.

I can login to a root shell on my machine (yes or no, or I don't know):yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): I have a cert through CloudFlare not sure how configure it

Also, do my DNS suppose to proxied on Cloudflare or on DNS only?

Please help I am very new to this is my first website.

Thank you

I think the first step here going to be: point your domain to Cloudflare.

Currently, your domain is configured to use Porkbun nameservers:

$ dig +noall +answer okorodesigneztees.com ns
okorodesigneztees.com.  86286   IN      NS      salvador.porkbun.com.
okorodesigneztees.com.  86286   IN      NS      maceio.porkbun.com.
okorodesigneztees.com.  86286   IN      NS      fortaleza.porkbun.com.
okorodesigneztees.com.  86286   IN      NS      curitiba.porkbun.com.

This means your domain is neither using Cloudflare DNS, nor your Ubuntu server.

When you initially added your domain to Cloudflare, it probably asked you to login to Porkbun and to change your domain's nameservers to a pair of Cloudflare-supplied ones.

You need to do this before proceeding any further.

Thank you, i recently went back in to change name-servers like yo suggested. Now I am receiving the error 522 connection time out message. And the Internal Error message.

Welcome to the Let's Encrypt Community, Pamela

The links below should help.

You might want to consider using a Cloudflare Origin CA certificate instead of a Let's Encrypt certificate.

That's a good first step!

To get past this error, you might want to first change your Cloudflare SSL setting to "Flexible".

The relevant documentation is here: https://support.cloudflare.com/hc/en-us/articles/200170416-End-to-end-HTTPS-with-Cloudflare-Part-3-SSL-options

From there, you can decide to go the Let's Encrypt route like you were already planning to, or the Cloudflare Origin CA route like griffin is suggesting.

Ok, thank you both soo much....

@_az

The 522 error is a timeout error, so I don't think the SSL validation will help much. I'm wondering if it might be due to the backend webserver not being configured correctly (or having a firewall).

Yeah maybe.

When I tried earlier, I got the 525 Origin SSL Handshake Error, so OP is probably changing things around.

Right now the issue seems to be that the origin A record in Cloudflare is pointing to the Porkbun domain parking page, rather than to the Ubuntu server.

Curious. Why would it timeout trying to load that parking page through Cloudfla... oh... is it redirecting to https THEN trying to pull the parking page via https!?

Update:

I'm seeing 404 errors now through Let's Debug (after the 301 redirect to https) in all four cases:

Yet a retry failed...

Now an IPv4 failed...

This shifting of failures seems a lot like there's something "adaptive" (like a firewall) in the way.

Hello,
Changing my full mode to flexible worked. I am now on landing page. Now i need to have domain point to the word-press to build out my website. Nginx still not working I may have to leave that part along it keeps giving error message.

Thank you so much for all the help.

Ah...

so @_az was 100% correct then:

Screenshot_20210717-181857_Samsung Internet1440×2053 212 KB

Thank y'all soo..much!!

You are quite welcome.

You might find this to be important soon...

Omg thank you thank you,

So much

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.