Open Zantag opened 3 years ago
same issue here . i been using this for about 6 mounth and today is stops working (i can`y request new certyfikate)
Just a random guess here, but is the domain proxied by any change? Maybe try disabling the proxy when renewing the certificate.
For me helped switching to the version 2.3.9 and deleting the let's encrypt folder
I'm curious if my issue is related? I'm using DNS challenge but I see the same "Internal Error" message
Same problem here. Cant renew Certs via Certbot using DNS Challenge on Cloudflair
I'm curious if my issue is related? I'm using DNS challenge but I see the same "Internal Error" message
1146
I'm pretty sure they aren't, as this issue is about using the HTTP challenge. So any issues with DNS challenges most likely have nothing to do with this issue.
This is happening to me as well, using the http challenge. I'm going to see if I can debug this a bit further tonight.
My version on nginx proxy manager is v2.7.3 but i see the latest is v2.9.3... How to update to to the latest version i hope this version to fix my problem...
My version on nginx proxy manager is v2.7.3 but i see the latest is v2.9.3... How to update to to the latest version i hope this version to fix my problem...
I updates mine too, and it didnt solve the Problem. Today i was able to renew 1 Cert then the Error displayed again.
For Updating it depands on your Setup. If you habe a docker-compose file, just enter the Directory and run
docker-compose pull docker-compose up -d
Yeah same issues for the past 6 months. You need to remove the let's encrypt folder and redo it.
I don't know why, cause log say that the request could not be made but if i go on the HTTP Challenge URL i can access it shortly.
I install nginx proxy manager via portainer like stack. I try to reinstall it but again is old v2.7.3... maybe integrated certbot is old or?
You need to pull and check your docker.compose if the version is not hard coded.
Same problem here. (via docker-compose) Pulled the current image, error still there. @Verttigo28 which directory did you remove? If i remove the letsencrypt folder nginx fails to start.
I give up guys, i bought new cert from ssl provaider and upload it manually to the proxy server.
Has anyone figured out how to fix this? I'm having the same issue i.e. I cannot get new certificates or renew certificates using lets encrypt. This was working and now appears to be broken. I tried deleting the lets encrypt folder but had to restore it as NPM failed to start.
What do the letsencrypt logs say? See https://github.com/NginxProxyManager/nginx-proxy-manager/discussions/1749#user-content-certificate-error
Thanks for the response @chaptergy. I have ports 443 and 80 directed from the router to the NPM container. I'm not using DNS challenge.
Here is log from /var/log/letsencrypt/letsencrypt.log
Looks like I can't access the internet from the container. The DNS server for the container is 127.0.0.11 which I understand is correct?
Any ideas?
2022-01-20 10:07:57,557:DEBUG:certbot._internal.main:certbot version: 1.21.0
2022-01-20 10:07:57,557:DEBUG:certbot._internal.main:Location of certbot entry point: /opt/certbot/bin/certbot
2022-01-20 10:07:57,557:DEBUG:certbot._internal.main:Arguments: ['--config', '/etc/letsencrypt.ini', '--cert-name', 'npm-26', '--agree-tos', '--authenticator', 'webroot', '--email', 'redactedgmail.com', '--preferred-challenges', 'dns,http', '--domains', 'redacted.ca']
2022-01-20 10:07:57,557:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2022-01-20 10:07:57,578:DEBUG:certbot._internal.log:Root logging level set at 30
2022-01-20 10:07:57,579:DEBUG:certbot._internal.plugins.selection:Requested authenticator webroot and installer None
2022-01-20 10:07:57,583:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * webroot
Description: Place files in webroot directory
Interfaces: Authenticator, Plugin
Entry point: webroot = certbot._internal.plugins.webroot:Authenticator
Initialized: <certbot._internal.plugins.webroot.Authenticator object at 0x7f7f32b56f60>
Prep: True
2022-01-20 10:07:57,583:DEBUG:certbot._internal.plugins.selection:Selected authenticator <certbot._internal.plugins.webroot.Authenticator object at 0x7f7f32b56f60> and installer None
2022-01-20 10:07:57,584:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator webroot, Installer None
2022-01-20 10:07:57,741:DEBUG:certbot._internal.main:Picked account: <Account(RegistrationResource(body=Registration(key=None, contact=(), agreement=None, status=None, terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/281014530', new_authzr_uri=None, terms_of_service=None), 9d709dafa9c560ae2caf09710b7e78af, Meta(creation_dt=datetime.datetime(2021, 11, 15, 3, 24, 33, tzinfo=<UTC>), creation_host='49c7c2498084', register_to_eff=None))>
2022-01-20 10:07:57,742:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2022-01-20 10:07:57,745:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
2022-01-20 10:08:07,756:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
File "/opt/certbot/lib/python3.7/site-packages/urllib3/connection.py", line 175, in _new_conn
(self._dns_host, self.port), self.timeout, **extra_kw
File "/opt/certbot/lib/python3.7/site-packages/urllib3/util/connection.py", line 73, in create_connection
for res in socket.getaddrinfo(host, port, family, socket.SOCK_STREAM):
File "/usr/lib/python3.7/socket.py", line 748, in getaddrinfo
for res in _socket.getaddrinfo(host, port, family, type, proto, flags):
socket.gaierror: [Errno -3] Temporary failure in name resolution
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/opt/certbot/lib/python3.7/site-packages/urllib3/connectionpool.py", line 706, in urlopen
chunked=chunked,
File "/opt/certbot/lib/python3.7/site-packages/urllib3/connectionpool.py", line 382, in _make_request
self._validate_conn(conn)
File "/opt/certbot/lib/python3.7/site-packages/urllib3/connectionpool.py", line 1010, in _validate_conn
conn.connect()
File "/opt/certbot/lib/python3.7/site-packages/urllib3/connection.py", line 358, in connect
conn = self._new_conn()
File "/opt/certbot/lib/python3.7/site-packages/urllib3/connection.py", line 187, in _new_conn
self, "Failed to establish a new connection: %s" % e
urllib3.exceptions.NewConnectionError: <urllib3.connection.HTTPSConnection object at 0x7f7f32a6c630>: Failed to establish a new connection: [Errno -3] Temporary failure in name resolution
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/opt/certbot/lib/python3.7/site-packages/requests/adapters.py", line 449, in send
timeout=timeout
File "/opt/certbot/lib/python3.7/site-packages/urllib3/connectionpool.py", line 756, in urlopen
method, url, error=e, _pool=self, _stacktrace=sys.exc_info()[2]
File "/opt/certbot/lib/python3.7/site-packages/urllib3/util/retry.py", line 574, in increment
raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='acme-v02.api.letsencrypt.org', port=443): Max retries exceeded with url: /directory (Caused by NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x7f7f32a6c630>: Failed to establish a new connection: [Errno -3] Temporary failure in name resolution'))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/opt/certbot/bin/certbot", line 8, in <module>
sys.exit(main())
File "/opt/certbot/lib/python3.7/site-packages/certbot/main.py", line 15, in main
return internal_main.main(cli_args)
File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/main.py", line 1574, in main
return config.func(config, plugins)
File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/main.py", line 1416, in certonly
le_client = _init_le_client(config, auth, installer)
File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/main.py", line 770, in _init_le_client
return client.Client(config, acc, authenticator, installer, acme=acme)
File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/client.py", line 267, in __init__
acme = acme_from_config_key(config, self.account.key, self.account.regr)
File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/client.py", line 48, in acme_from_config_key
client = acme_client.BackwardsCompatibleClientV2(net, key, config.server)
File "/opt/certbot/lib/python3.7/site-packages/acme/client.py", line 875, in __init__
directory = messages.Directory.from_json(net.get(server).json())
File "/opt/certbot/lib/python3.7/site-packages/acme/client.py", line 1236, in get
self._send_request('GET', url, **kwargs), content_type=content_type)
File "/opt/certbot/lib/python3.7/site-packages/acme/client.py", line 1174, in _send_request
response = self.session.request(method, url, *args, **kwargs)
File "/opt/certbot/lib/python3.7/site-packages/requests/sessions.py", line 542, in request
resp = self.send(prep, **send_kwargs)
File "/opt/certbot/lib/python3.7/site-packages/requests/sessions.py", line 655, in send
r = adapter.send(request, **kwargs)
File "/opt/certbot/lib/python3.7/site-packages/requests/adapters.py", line 516, in send
raise ConnectionError(e, request=request)
requests.exceptions.ConnectionError: HTTPSConnectionPool(host='acme-v02.api.letsencrypt.org', port=443): Max retries exceeded with url: /directory (Caused by NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x7f7f32a6c630>: Failed to establish a new connection: [Errno -3] Temporary failure in name resolution'))
2022-01-20 10:08:07,854:ERROR:certbot._internal.log:An unexpected error occurred:
2022-01-20 10:08:07,854:ERROR:certbot._internal.log:requests.exceptions.ConnectionError: HTTPSConnectionPool(host='acme-v02.api.letsencrypt.org', port=443): Max retries exceeded with url: /directory (Caused by NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x7f7f32a6c630>: Failed to establish a new connection: [Errno -3] Temporary failure in name resolution'))
Resolved my issue. I don't think it was related to the NPM container but rather my docker config. I don't know exactly what was wrong. Restarting the docker service didn't seem to help but restarting the server on which docker runs seemed to fix it.
Issue is now considered stale. If you want to keep it open, please comment :+1:
Hi i cant renew SSL for my domain. Every time when i try to renew it manually message "Internal Error" appear... What can i do?
This is the log of container via portainer GUI: