Some challenges

My domain is: dont wanna say this here

I ran this command: certonly --non-interactive --config "/etc/letsencrypt.ini" --cert-name "npm-22" --agree-tos --email "EMAIL" --preferred-challenges "dns,http" --domains "DOMAIN"
DOMAIN = the real domain
EMAIL = my real email

It produced this output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for DOMAIN
Using the webroot path /data/letsencrypt-acme-challenge for all unmatched domains.
Waiting for verification...
Challenge failed for domain DOMAIN
http-01 challenge for DOMAIN
Cleaning up challenges
Some challenges have failed.
    at ChildProcess.exithandler (child_process.js:308:12)
    at ChildProcess.emit (events.js:314:20)
    at maybeClose (internal/child_process.js:1051:16)
    at Process.ChildProcess._handle.onexit (internal/child_process.js:287:5)

The operating system my web server runs on is (include version): Ubuntu 20.04

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): nginx proxy manager GUI | v2.8.1

1 Like

Hi @Immuc,
Welcome to the forum.

First of all, which type of authentication did you choose to go through? You've set DNS and HTTP as preferred, and certbot seems to choose HTTP w/ webroot to go through.

I'm not familiar with this part, but it certainly didn't look like code output from certbot or nginx (genuine) itself, as it's in nodejs?

Since you mentioned you use Nginx Proxy Manager, i would assume you are requesting a certificate for a reverse proxied site? If so, did you make any adjustments to allow your host system to use .well-known/acme-challenge/?
When you are requesting certificate from your host and the final website is served with reverse proxy, you need to make your host's web server catch the request at host level so it doesn't get passed into the actual site (which have no way to make your site get the token generated from your host)...

1 Like

What a terrible documentation that piece of software has. I'm trying to find anything about Let's Encrypt and/or certificates in general on but it seems only the homepage mentions it as a feature, but nowhere else.

So, lacking any official documentation, could you, as the user, perhaps guide us through the process of getting (or in this case: trying to get) a certificate? Where do you enter the mentioned command? Or is it generated by that GUI itself? What's the contents of /etc/letsencrypt.ini? Where does it come from? Did you make it? Was it already there?

It seems that GUI uses NodeJS indeed..

1 Like

Hello. I use Nginx Proxy manager to create my certificates. And it worked since today.
This is what it looks like, when I try to create a certificate:

When I click "save" it gives me this error.
And 3. No I did not. One thing: my server landlord texted me and said that they have connection issues. Maybe thats why the error happens. Ill try some more times in the next minutes and tell u in about 15 minutes, if it worked.

1 Like

If it's not a problem with your internet connectivity, I'm fairly certain this is not something we can help with. It sounds like you only have those GUI options, so if the GUI isn't functioning properly, you probably have more chance of success when you ask the nginx proxy manager GUI folks for help.


Yes. the thing is that it worked since today. And I didnt updated anything in the GUI. It worked now so it was a connection issue. Thanks anyways for the fast response. Have a great day!


Hi @Immuc

please read your output.

You use webroot


the webroot you use. Your domain has only ipv6, not typical, but checking your domain all works - see

There is the expected http result 404 - Not Found checking /.well-known/acme-challenge/random-filename.

So simple answer: Your webroot is wrong.

But you should always be able to find your correct webroot.

Check your config, create the two subdirectories /.well-known/acme-challenge manual, there a file (file name 1234), you must be able to load that file via



What of

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. |, so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

you don't understand?

1 Like

@JuergenAuer Please read the thread in total more carefully. See:

Nothing to debug and/or fix any longer.

1 Like

Yes. Its "fixed" already but thanks anyways!


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.