I am running [latest] NGINX Docker Container. I have had no issues until my recent transfer to a Cisco FPR1010. I have opened Ports 80,443 and NAT then from STATIC WAN to the correct LAN IP. Every time I try to create a certificate, I get an error.
⚠ warning Command failed: certbot certonly --config "/etc/letsencrypt.ini" --work-dir "/tmp/letsencrypt-lib" --logs-dir "/tmp/letsencrypt-log" --cert-name "npm-46" --agree-tos --authenticator webroot --email "mymail@myemail.org" --preferred-challenges "dns,http" --domains "sonarr.sithlord.duckdns.org"
Saving debug log to /tmp/letsencrypt-log/letsencrypt.log
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /tmp/letsencrypt-log/letsencrypt.log or re-run Certbot with -v for more details.
This has happened for every and every SSL I try to make.
Looks like you are using Nginx Proxy Manager (NPM). That is very different than just nginx. NPM hides essential info about the actual failure. Many of the volunteers here don't like to work on NPM problems for this (and other) reasons.
That said, you are using an HTTP Challenge (webroot) but your domain is not accessible on HTTP. The Let's Debug test site is often helpful to test comms on new setups. Otherwise you might ask on the NPM forum about setup. You could post the full log here but it will probably just say what Let's Debug is saying
You actually fixed it for me, by giving me more details about my own situation. It appears I made the correct ACL/Firewall entry, but FORGOT to NAT Port 80, only NAT'd 443. So, thank you.