NGINX Docker "internal Error"

Help
1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: mygtw.co.uk

I ran this command:NGINX SSL

It produced this output:
Error: Command failed: certbot certonly --config "/etc/letsencrypt.ini" --work-dir "/tmp/letsencrypt-lib" --logs-dir "/tmp/letsencrypt-log" --cert-name "npm-32" --agree-tos --authenticator webroot --email "XXXXXXX@tutanota.com" --preferred-challenges "dns,http" --domains "mygtw.co.uk"
Saving debug log to /tmp/letsencrypt-log/letsencrypt.log
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /tmp/letsencrypt-log/letsencrypt.log or re-run Certbot with -v for more details.

at ChildProcess.exithandler (node:child_process:402:12)
at ChildProcess.emit (node:events:513:28)
at maybeClose (node:internal/child_process:1100:16)
at Socket. (node:internal/child_process:458:11)
at Socket.emit (node:events:513:28)
at Pipe. (node:net:301:12)

My web server is (include version): Docker

The operating system my web server runs on is (include version):Unraid

My hosting provider, if applicable, is:Godaddy/DYNU

I can login to a root shell on my machine (yes or no, or I don't know):Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):Unkown

2

I moved from Godaddy to DYNU nameservers today mot sure if this is causing this.

3

looks like webserver itself is crashed?

3 Likes
4

Good chance they are. Sadly, the NPM package you are using hides the actual errors coming from Certbot and Let's Encrypt. Many of us here do not like to work on NPM setups because of this

But, your domain setup has numerous errors so that's a good place to start

See errors here
https://dnsviz.net/d/mygtw.co.uk/dnssec/

And use this to test lookups similar to how Let's Encrypt does them. Note a CAA record is not required but your DNS server must respond with a correct "not found" and not a SERVFAIL

https://unboundtest.com

This is also good site to use after you make changes

3 Likes
5

So what should i do wait untill tomrorw and see if the nameservers have updated or go back to godaddy ?

I moved it 15 mins ago so it could be a cause it.

6

Unfortunately im a bit new to this and there doesnt seem to be alot of alternatives on unraid for nginx.

7

First of all, you're not using nginx but nginx proxy manager, a suite built around nginx that doesn't always simplify things.

This might be useful (or not) when searching for documentation.

4 Likes
8

It hasnt really helped me find anything, it worked yesterday but i had to delete the files and its been like this since the reset

9

Querying for your domain says no SEP matching the DS found for mygtw.co.uk and I believe means you previously had working DNSSEC setup for your domain and now you don't - I assume you will need to tell your domain registrar to remove that : Managing DS records for DNSSEC – Registrar Resources

3 Likes
10

I have dns sec built into dynu

11

Hi All

Slight update so i have dns sec through dynu I've had to put that into godaddy this morning, it still hasn't fixed the issue though :frowning:

13

It seems that you have two name servers more than what are defined.
And, also, there are two DNSKEYs that are unused and can be deleted.
See the latest: mygtw.co.uk | DNSViz

image
image608×521 34.6 KB

But, overall, DNSSEC now seems secure [and working as expected].

4 Likes
14

done ! it wasnt this complicated last time haha !

1 Like
15

well its corrected alot of the issues now, I'm not sure of I just have to wait for the rest to sort itself? every setting is the same as my other domain in my router, dynu and dockers so I'm not sure why its failing

16

IT LIVES !!!!!!

i needed to set up a CAA Record on dynu thank you so much guys this is the best forum I have been on !

3 Likes
17

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.