Unable to check for site reachability/create SSLs on Debian 11

[dnburgess]

Checklist

• Have you pulled and found the error with jc21/nginx-proxy-manager:latest docker image? Yes
• Are you sure you're not using someone else's docker image? Yes
• Have you searched for similar issues (both open and closed)? Yes

Describe the bug When trying to "Test Server Reachability", I get the following error on the dashboard: Communication with the API failed, is NPM running correctly?

When looking into the container logs, I get this error:

QueryBuilder#allowEager method is deprecated. You should use allowGraph instead. allowEager method will be removed in 3.0 QueryBuilder#eager method is deprecated. You should use the withGraphFetched method instead. eager method will be removed in 3.0 QueryBuilder#omit is deprecated. This method will be removed in version 3.0 Model#$omit is deprected and will be removed in 3.0. [11/29/2022] [4:59:56 PM] [SSL ] › ℹ info Testing http challenge for pics.mysite.com Uncaught SyntaxError: Unexpected end of JSON input FROM ./run: line 19: 331 Trace/breakpoint trap (core dumped) node --abort_on_uncaught_exception --max_old_space_size=250 index.js

Nginx Proxy Manager Version v2.9.19

To Reproduce Steps to reproduce the behavior:

1. Go to add SSL
2. Click on Let's Encrypt
3. Add Domain
4. Click "Test Server Reachability"
5. See error

Expected behavior I expect it to tell me whether or not it can reach the domain so I can generate the SSL. This has only started happening recently

Operating System Debian 11 on Linode

Additional context I've also tried downgrading as far down as 2.9.15 just to troubleshoot. I'm able to use the sites that were up prior to the issues starting, but I'm unable to add any additional SSLs, which prevents me from adding more domains.

[danny6167]

Also getting hit by this. The code is calling an external API here, and when that API fails and returns a non-json formated response the process crashes as the exception isn't handled.

https://github.com/NginxProxyManager/nginx-proxy-manager/blob/fd30cfe98bba365e9630a791bdc86f01c08c6fa1/backend/internal/certificate.js#L1169

[dnburgess]

Turns out that I'm still able to pull SSLs, but not able to see if the domain is reachable. Not sure about much else at this point...

[TEALC82]

Hello I have the same problem. I reinstalled everything but no change.

[javierhuerta]

Hello i have the same problem.

[tgaertner]

Same problem, installed NPM yesterday on my server. Can't even create my first ssl cert - this makes this software quite useless...

[danny6167]

The site reachability test fails, but the actual SSL certificate issuing should work fine.

[tgaertner]

@danny6167 Yea! You are right. Never tried it before since the check failed :-) Finally I have ssl available for my domains. Thanks for this hint. Saved my day :-)

[fritzmg]

The site reachability test fails, but the actual SSL certificate issuing should work fine.

Yep, can confirm that as well.

[FroggMaster]

I can confirm that I encounter the same error: "Communication with the API failed, is NPM running correctly?" with the "Test Server Reachability" on the latest build 2.10.2.

I am wondering if @jc21 requires any additional information for troubleshooting to correct this. If I can provide anything that might help I'll be happy to do so! :)

[etymotic]

If anyone wants to give this a try:

My setup is NPM docker running on the same virtual machine as all of my other docker stuff. I use AdGueard Home, with a DNS rewrite of *.mydomain.com - > Local IP of NPM. I figured there was probably some sort of problem of NPM trying to reach stuff but just getting redirected and never leaving my LAN...

So I set up wireguard in the virtual machine that runs all of my docker stuff. I have a subscription to AirVPN and used their config generator. With the VPN connected, I'm able to add/renew certificates.

My guess is that the VPN forces traffic to leave my LAN, which helps things renew properly. Either that, or it just randomly started working while I was messing around with it.

[github-actions[bot]]

Issue is now considered stale. If you want to keep it open, please comment :+1:

[arsenicks]

Adding the ability to use a custom dns server for the test would probably be the easiest fix for this. I think a lot of people are using a local dns server that resolv to local ip. If the prompt would let us set an external dns server to use, that would fix the issue.

[danny6167]

The test that is failing in this issue report is not DNS based.

That would be an entirely different type of test and wouldn't actually test reachability.