Let's encrypt problem during Nginx host configuration

Help
1

Hello,

I'm using Nginx proxy manager add-on in Home assistant.

I would like to use Nginx in Docker container (debian 12) so I made the docker compose and I created my container without any problem.

When I would like to create my first Proxy Host, I have an "Internal error".

image
image745×881 37 KB

I have the following message in my log file:

[Express ] › :warning: warning Command failed: certbot certonly --config "/etc/letsencrypt.ini" --work-dir "/tmp/letsencrypt-lib" --logs-dir "/tmp/letsencrypt-log" --cert-name "npm-2" --agree-tos --authenticator webroot --email "MYMAIL" --preferred-challenges "dns,http" --domains "MYDOMAIN"
Saving debug log to /tmp/letsencrypt-log/letsencrypt.log
Some challenges have failed.

Could you please help me to understand this message?

Thank you.

1 Like
2

Hello @AURELB87, welcome to the Let's Encrypt community. :slightly_smiling_face:

You might find help from Home Assistant also has its own community forum here https://community.home-assistant.io/

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

Thank you for assisting us in helping YOU!

3 Likes
3

I'm afraid not with the info provided. Nginx Proxy Manager is notorious for not providing the relevant information from the Certbot output. Besides the questions from the questionnaire above, please also show the contents of the Certbot log file /tmp/letsencrypt-log/letsencrypt.log so we can see what's going on more clearly.

5 Likes
4

As I said, I'm currently using the Nginx addon on my homeassistant without any problem.
May be I have this message because I already set the proxy host in the addon... I already tried to delete the configuration in the addon but nothing change.

Here is the log file: logfile - Pastebin.com

5

That wasn't the whole log file.

But, based on the limited info you have provided my guess is that NPM is placing the challenge file in /data/letsencrypt-acme-challenge/.well-known/acme-challenge/ folder but the container running nginx doesn't have access to that folder.

Here is the slightly more helpful message from the log

Certbot failed to authenticate some domains (authenticator: webroot).
The Certificate Authority reported these problems:
Domain: (redacted)
Type: unauthorized
Detail: (IP redacted): Invalid response from http://(redacted)/.well-known/acme-challenge/URqx0itUw4hRLupQV4Y2SGHJwDqkuUGP_3fsKYDOsig: 404

Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from

5 Likes
6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.