NPM reports "Internal Error" when requesting SSL,

Help
1

I'm attempting to setup Docker on my hosting server, and I have installed Nginx Proxy Manager and am attempting to setup a reverse proxy for the container, with SSL. I can setup the proxy, but during the SSL step, I always get "Internal Error".

I checked the domain with all three protocols on letsdebug.net and they are all green for the domain.

-npm_logs.txt reports "Some challenges have failed"
-letsencrypt-requests_error.log is empty
-letsencrypt.log shows sme errors that I am not educated enough to understand.
I'm not sure what other logs might be needed or enough to determine what is relevant so LMK.

One more thing: I've been hosting websites for decades but when it comes to this stuff, I'm a relative n00b to all this and barely understand what I'm doing. LOL Please reply gently and simply. Thanks :slight_smile:

2025-08-25 18:40:19,504:DEBUG:acme.client:Storing nonce: OkLCVishH2e2aSB22BhfQyv4jTLI4FH6tqRTM2bBcMArROkGyF4
2025-08-25 18:40:19,504:INFO:certbot._internal.auth_handler:Challenge failed for domain docker.78industries.com
2025-08-25 18:40:19,505:INFO:certbot._internal.auth_handler:http-01 challenge for docker.78industries.com
2025-08-25 18:40:19,505:DEBUG:certbot._internal.display.obj:Notifying user: 
Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:
  Domain: docker.78industries.com
  Type:   unauthorized
  Detail: 66.29.129.223: Invalid response from http://docker.78industries.com/.well-known/acme-challenge/nijDEjA3wD7pGmd0IOi9CYwHGPUJDT_NtkmGGUGkMfU: 404

Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet.

2025-08-25 18:40:19,507:DEBUG:certbot._internal.error_handler:Encountered exception:
Traceback (most recent call last):
  File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/auth_handler.py", line 108, in handle_authorizations
    self._poll_authorizations(authzrs, max_retries, max_time_mins, best_effort)
  File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/auth_handler.py", line 212, in _poll_authorizations
    raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.

2025-08-25 18:40:19,507:DEBUG:certbot._internal.error_handler:Calling registered functions
2025-08-25 18:40:19,508:INFO:certbot._internal.auth_handler:Cleaning up challenges
2025-08-25 18:40:19,508:DEBUG:certbot._internal.plugins.webroot:Removing /data/letsencrypt-acme-challenge/.well-known/acme-challenge/nijDEjA3wD7pGmd0IOi9CYwHGPUJDT_NtkmGGUGkMfU
2025-08-25 18:40:19,508:DEBUG:certbot._internal.plugins.webroot:All challenges cleaned up
2025-08-25 18:40:19,509:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
  File "/opt/certbot/bin/certbot", line 8, in <module>
    sys.exit(main())
             ^^^^^^
  File "/opt/certbot/lib/python3.11/site-packages/certbot/main.py", line 19, in main
    return internal_main.main(cli_args)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/main.py", line 1879, in main
    return config.func(config, plugins)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/main.py", line 1585, in certonly
    lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/main.py", line 143, in _get_and_save_cert
    lineage = le_client.obtain_and_enroll_certificate(domains, certname)
              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/client.py", line 524, in obtain_and_enroll_certificate
    cert, chain, key, _ = self.obtain_certificate(domains)
                          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/client.py", line 425, in obtain_certificate
    orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/client.py", line 503, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/auth_handler.py", line 108, in handle_authorizations
    self._poll_authorizations(authzrs, max_retries, max_time_mins, best_effort)
  File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/auth_handler.py", line 212, in _poll_authorizations
    raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.
2025-08-25 18:40:19,514:ERROR:certbot._internal.log:Some challenges have failed.

My domain is:

docker.78industries.com

I ran this command:

Various N/A? I am having trouble in the GUI of NPM.

It produced this output:

Internal Error.

My web server is (include version):

Apache 2.4.65

The operating system my web server runs on is (include version):

Ubuntu 22.04.5

My hosting provider, if applicable, is:

Namecheap (Dedicated)

I can login to a root shell on my machine (yes or no, or I don't know):

Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

A combination of CLI, cPanel, WHM and Remote Desktop, depending on the task.

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

Im using NGINX Proxy Manager, and as I understand it, it comes with it's own contained version of  certbot and certbot is not installed on my hosting server outside of that. I'm not sure how to find out the version NPM is using. (certbot --version returns "certbot not found")
1 Like
2

As a side-note - I can force the domain to use SSL through cPanel. Would that bypass the need to setup SSL on the proxy in NPM?

3

Sure, but, you are probably not going to like my answer :slight_smile:

You did well to find that error message in the log. NPM does not make it easy to find that.

The best place to ask about this is on the NPM forum. I warned you wouldn't like my answer

NPM configures your server, containers and then invokes Certbot in a very custom way. Errors that result are because something went wrong amongst all those "moving parts". It takes an NPM expert to resolve those and they are at the NPM forum.

In case this helps, the 404 code is an HTTP Not Found. It means NPM setup your system to do an HTTP Challenge. It configured your server to reply to the challenge by placing a token in a certain location. NPM then told Let's Encrypt to check that token to validate your domain and issue your cert. When LE made that check your system said the token was not found. There isn't anything more for LE to do. You need to get all these moving parts working together properly.

3 Likes
4

The thought of mixing cPanel and NPM makes my head hurt. Maybe someone else will express an opinion.

4 Likes
5

I share the headache I get when thinking of that combo.

1 Like
6

Ahh, that makes sense. I only came here because a line in one of the errors told me to ask here :slight_smile: Thanks for your input.

1 Like
7

After searching the issue over there, it seems nobody responds. There are dozens and dozens of inquiries exactly like mine but not one response, and only a lot of "me too. Did you ever figure it out?"

Oh well. For context, I was trying to migrate my Nextcloud instance from Standard to AIO because they tell me over there "it's so much easier and no hassle to manage" but all I've done so far is bang my head against the wall trying to get through the first step of setting up Docker lol. I'm thinking I'll just stay where I am for now. :slight_smile:

OK? Sorry about that. When you have something helpful to add, LMK. Thanks.

9

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.