Nginx getting internal error when asking for new ssl cert

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: mickeypeach.co.uk

I ran this command: request new ssl cert

It produced this output: internal error

My web server is (include version): Synology using Docker - nginx

The operating system my web server runs on is (include version): Synology 7

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): don't

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): nginx

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.28.0

I have been using nginx with no issue for a while, but then noticed I could not log into anymore, but the reverse proxies were still working. whilst trying to sort it out (i'm not a network guy) I deleted mariadb and nginx and started again, but now when trying to get my ssl certs it keeps coming with internal errors.

" 7/5/2022] [5:19:04 PM] [SSL ] › :information_source: info Requesting Let'sEncrypt certificates for Cert #1: sonarr.mickeypeach.co.uk stdout

18:19:04 [7/5/2022] [5:19:04 PM] [SSL ] › :information_source: info Command: certbot certonly --config "/etc/letsencrypt.ini" --cert-name "npm-5" --agree-tos --authenticator webroot --email "*@gmail.com" --preferred-challenges "dns,http" --domains "sonarr.mickeypeach.co.uk" stdout

18:19:17 [7/5/2022] [5:19:17 PM] [Nginx ] › :information_source: info Reloading Nginx stdout

18:19:17 [7/5/2022] [5:19:17 PM] [Express ] › :warning: warning Command failed: certbot certonly --config "/etc/letsencrypt.ini" --cert-name "npm-5" --agree-tos --authenticator webroot --email "*@gmail.com" --preferred-challenges "dns,http" --domains "sonarr.mickeypeach.co.uk" stdout

18:19:17 Saving debug log to /var/log/letsencrypt/letsencrypt.log stdout

18:19:17 An unexpected error occurred: stdout

18:19:17 requests.exceptions.ConnectionError: HTTPSConnectionPool(host='acme-v02.api.letsencrypt.org', port=443): Max retries exceeded with url: /directory (Caused by NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x7f4dcc5fd320>: Failed to establish a new connection: [Errno -3] Temporary failure in name resolution')) stdout

18:19:17"
log file:
7/5/2022] [5:19:04 PM] [SSL ] › :information_source: info Requesting Let'sEncrypt certificates for Cert #5: sonarr.mickeypeach.co.uk stdout

18:19:04 [7/5/2022] [5:19:04 PM] [SSL ] › :information_source: info Command: certbot certonly --config "/etc/letsencrypt.ini" --cert-name "npm-5" --agree-tos --authenticator webroot --email "*@gmail.com" --preferred-challenges "dns,http" --domains "sonarr.mickeypeach.co.uk" stdout

18:19:17 [7/5/2022] [5:19:17 PM] [Nginx ] › :information_source: info Reloading Nginx stdout

18:19:17 [7/5/2022] [5:19:17 PM] [Express ] › :warning: warning Command failed: certbot certonly --config "/etc/letsencrypt.ini" --cert-name "npm-5" --agree-tos --authenticator webroot --email "*@gmail.com" --preferred-challenges "dns,http" --domains "sonarr.mickeypeach.co.uk" stdout

18:19:17 Saving debug log to /var/log/letsencrypt/letsencrypt.log stdout

18:19:17 An unexpected error occurred: stdout

18:19:17 requests.exceptions.ConnectionError: HTTPSConnectionPool(host='acme-v02.api.letsencrypt.org', port=443): Max retries exceeded with url: /directory (Caused by NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x7f4dcc5fd320>: Failed to establish a new connection: [Errno -3] Temporary failure in name resolution')) stdout

log file:
022-07-05 17:19:06,435:DEBUG:certbot._internal.main:certbot version: 1.28.0
2022-07-05 17:19:06,435:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/local/bin/certbot
2022-07-05 17:19:06,435:DEBUG:certbot._internal.main:Arguments: ['--config', '/etc/letsencrypt.ini', '--cert-name', 'npm-5', '--agree-tos', '--authenticator', 'webr
oot', '--email', '@gmail.com', '--preferred-challenges', 'dns,http', '--domains', 'sonarr.mickeypeach.co.uk']
2022-07-05 17:19:06,436:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#dns-cloudflare,PluginEntryPoint#manual,PluginEntryPoint#nu
ll,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2022-07-05 17:19:06,502:DEBUG:certbot._internal.log:Root logging level set at 30
2022-07-05 17:19:06,504:DEBUG:certbot._internal.plugins.selection:Requested authenticator webroot and installer None
2022-07-05 17:19:06,513:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * webroot
Description: Place files in webroot directory
Interfaces: Authenticator, Plugin
Entry point: webroot = certbot._internal.plugins.webroot:Authenticator
Initialized: <certbot._internal.plugins.webroot.Authenticator object at 0x7f4dcc80db00>
Prep: True
2022-07-05 17:19:06,514:DEBUG:certbot._internal.plugins.selection:Selected authenticator <certbot._internal.plugins.webroot.Authenticator object at 0x7f4dcc80db00>
and installer None
2022-07-05 17:19:06,514:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator webroot, Installer None
2022-07-05 17:19:06,683:DEBUG:certbot._internal.main:Picked account: <Account(RegistrationResource(body=Registration(key=None, contact=(), agreement=None, status=No
ne, terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/
', new_aut
hzr_uri=None, terms_of_service=None), * Meta(creation_dt=datetime.datetime(2022, 6, 22, 17, 50, 8, tzinfo=), creation_host='jc2
1-nginx-proxy-manager1', register_to_eff=None))>
2022-07-05 17:19:06,685:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2022-07-05 17:19:06,689:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
2022-07-05 17:19:16,698:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
File "/usr/local/lib/python3.7/dist-packages/urllib3/connection.py", line 175, in _new_conn
(self._dns_host, self.port), self.timeout, **extra_kw
File "/usr/local/lib/python3.7/dist-packages/urllib3/util/connection.py", line 72, in create_connection
for res in socket.getaddrinfo(host, port, family, socket.SOCK_STREAM):
File "/usr/lib/python3.7/socket.py", line 748, in getaddrinfo
for res in _socket.getaddrinfo(host, port, family, type, proto, flags):
socket.gaierror: [Errno -3] Temporary failure in name resolution

any help would be much appreciated.

You should remove stdout from the certbot command. For some reason that is treated as a domain name and, of course, trying to resolve that name fails.

On my system adding stdout in a similar way fails with a different error. In any case, that seems to be what is causing your problem.

8 Likes

Perhaps:
" > stdout "

8 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.