Proxy manager worked for weeks then one day stopped. Certificates won't renew. Let's Encrypt Error 111: Connection refused

My domain is: overseerr.jessetv.club

I ran this command: Manual Certificate Renew in web app

It produced this output: 'Internal Error'

My web server is (include version): I don't understand. Is it v2.10.4 © 2023 jc21.com

The operating system my web server runs on is (include version): Unraid 6.12.3

My hosting provider, if applicable, is: Cloudflare

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No? I manage it through Cloudflare's website

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 2.6.0

I had my Nginx reverse proxy working for weeks then one day I started getting this error 522 from Cloudflare:

It seemed like it was related to Nginx SSL certificates since others reported similar errors around that time and I saw some errors automatically refreshing certificates in the logs.

I also tried to manually refresh the certificates and got this error in /tmp/letsencrypt-log/letsencrypt.log:

[app         ] [12/11/2023] [11:32:37 PM] [SSL      ] › ℹ  info      Renewing Let'sEncrypt certificates for Cert #2: overseerr.jessetv.club
[app         ] [12/11/2023] [11:32:37 PM] [SSL      ] › ℹ  info      Command: certbot renew --force-renewal --config "/etc/letsencrypt.ini" --work-dir "/tmp/letsencrypt-lib" --logs-dir "/tmp/letsencrypt-log" --cert-name "npm-2" --preferred-challenges "dns,http" --no-random-sleep-on-renew --disable-hook-validation 
[app         ] [12/11/2023] [11:33:10 PM] [Express  ] › ⚠  warning   Command failed: certbot renew --force-renewal --config "/etc/letsencrypt.ini" --work-dir "/tmp/letsencrypt-lib" --logs-dir "/tmp/letsencrypt-log" --cert-name "npm-2" --preferred-challenges "dns,http" --no-random-sleep-on-renew --disable-hook-validation 
[app         ] Saving debug log to /tmp/letsencrypt-log/letsencrypt.log
[app         ] Failed to renew certificate npm-2 with error: Some challenges have failed.
[app         ] All renewals failed. The following certificates could not be renewed:
[app         ]   /etc/letsencrypt/live/npm-2/fullchain.pem (failure)
[app         ] 1 renew failure(s), 0 parse failure(s)
[app         ] Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /tmp/letsencrypt-log/letsencrypt.log or re-run Certbot with -v for more details.


The log file at /tmp/letsencrypt-log/letsencrypt.log shows:

2023/12/11 23:13:49 [error] 3315#3315: *1333997 connect() to unix:/var/tmp/NginxProxyManager.log.sock failed (111: Connection refused) while connecting to upstream, client: 10.8.0.6, server: , request: "GET /logterminal/NginxProxyManager.log/ HTTP/1.1", upstream: "http://unix:/var/tmp/NginxProxyManager.log.sock:/", host: "192.168.50.222"

I think there's something wrong with the SSL certificates and it's impacting my ability to reach my site. I honestly am very new to this sort of thing so help would be greatly appreciated. I've exhausted all of my troubleshooting ability.

No, not a cert problem. A 522 is a comms failure. This is a good place to start for that

4 Likes
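
An added example, not part of either post above and not Nginx Proxy Manager or Certbot code: a small triage of the nginx error line quoted in the question, checking whether the refused connection involved an ACME HTTP-01 validation request (a path under /.well-known/acme-challenge/) or some other upstream. The function and field names are illustrative assumptions; the sample line is the one from the question.

```python
import ipaddress
import re

# Sample input: the nginx error line quoted in the question, embedded for offline use.
SAMPLE = ('2023/12/11 23:13:49 [error] 3315#3315: *1333997 connect() to '
          'unix:/var/tmp/NginxProxyManager.log.sock failed (111: Connection refused) '
          'while connecting to upstream, client: 10.8.0.6, server: , '
          'request: "GET /logterminal/NginxProxyManager.log/ HTTP/1.1", '
          'upstream: "http://unix:/var/tmp/NginxProxyManager.log.sock:/", '
          'host: "192.168.50.222"')

# Pulls errno, client, request and upstream out of an nginx "connect() ... failed" line.
LINE_RE = re.compile(
    r'\((?P<errno>\d+): (?P<reason>[^)]+)\).*?'
    r'client: (?P<client>[^,]+), server: (?P<server>[^,]*), '
    r'request: "(?P<method>\S+) (?P<path>\S+)[^"]*", '
    r'upstream: "(?P<upstream>[^"]+)"'
)

ACME_PREFIX = "/.well-known/acme-challenge/"  # HTTP-01 validation path (RFC 8555)


def triage(line):
    """Return the fields that decide whether a line concerns ACME validation."""
    m = LINE_RE.search(line)
    if m is None:
        return None  # not an upstream connect() failure line
    f = m.groupdict()
    client = ipaddress.ip_address(f["client"].strip())
    return {
        "errno": int(f["errno"]),
        "reason": f["reason"],
        "path": f["path"],
        # A validation request arrives from a public address, not a LAN or VPN one.
        "client_is_private": client.is_private,
        # nginx writes unix-socket upstreams as http://unix:/path/to.sock:/
        "upstream_is_unix_socket": f["upstream"].startswith("http://unix:"),
        "is_acme_http01": f["path"].startswith(ACME_PREFIX),
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE).items():
        print(f"{key}: {value}")
```

For the quoted line the result shows a private client address, a unix-socket upstream and a non-ACME request path, so that particular 111 error does not record a certificate validation attempt.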