Nginx Proxy Manager - Lets encrypt certificate not working

Error: Command failed: certbot certonly --config "/etc/letsencrypt.ini" --cert-name "npm-2" --agree-tos --authenticator webroot --email "" --preferred-challenges "dns,http" --domains ""
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Some challenges have failed.
Ask for help or search for solutions at See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

at ChildProcess.exithandler (node:child_process:399:12)
at ChildProcess.emit (node:events:526:28)
at maybeClose (node:internal/child_process:1092:16)
at Process.ChildProcess._handle.onexit (node:internal/child_process:302:5)

I am using an Ubuntu Machine with docker.
I don't know how to fix this problem.

Hi @Nomajo, and welcome to the LE community forum :slight_smile:

In order to use HTTP authentication, you must have a working HTTP site.
In order to have a working HTTP site, you must use an IP that can be reached via the Internet:


In order to use:

You will have to provide the correct document root being used by your site.


The domain is used to point to the nextcloud I installed on my server. I made an A dns entry that points to And linked it to the right port with Nginx Proxy manager. The only problem is that i can't create a SSL Certificate with Nginx Proxy Manager for this domain.

That IPv4 Address is within a Private IPv4 Address range and thus not directly accessable from the Internet; now if you have a valid non-private IPv4 Address that is NATed to that Private a IPv4 Address. Then the said valid non-private IPv4 Address is the IPv4 Address the LE can access.

16-bit block – 65536 ( 16 bits 16 bits 256 contiguous class C networks

Here is a nice description Public vs. Private IP Addresses: What’s the Difference?


I do know exactly what you did.
I tried explaining where you went off the expected path and what you might also encounter along the way.


Is it possible that i port forward my specific ports and it will work?

If you haven't port forwarded port 80, then it will remain unable to validate (until you do).


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.