SSL | Intern error

[TheDoDoo]

Checklist

• Have you pulled and found the error with jc21/nginx-proxy-manager:latest docker image?
  • Yes
• Are you sure you're not using someone else's docker image?
  • Yes
• Have you searched for similar issues (both open and closed)?
  • Yes

Describe the bug

Nginx Proxy Manager Version

Nginx Proxy Manager Version v2.10.2

To Reproduce

Expected behavior

ERROR form Docker Nginx Proxy Manager

[5/5/2023] [10:17:33 PM] [Nginx    ] › ⬤  debug     Deleting file: /data/nginx/temp/letsencrypt_5.conf
[5/5/2023] [10:17:33 PM] [Nginx    ] › ℹ  info      Reloading Nginx
[5/5/2023] [10:17:33 PM] [Express  ] › ⚠  warning   Command failed: certbot certonly --config "/etc/letsencrypt.ini" --work-dir "/tmp/letsencrypt-lib" --logs-dir "/tmp/letsencrypt-log" --cert-name "npm-5" --agree-tos --authenticator webroot --email "@outlook.de" --preferred-challenges "dns,http" --domains "portainer.the-dodo.de" 
Saving debug log to /tmp/letsencrypt-log/letsencrypt.log
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /tmp/letsencrypt-log/letsencrypt.log or re-run Certbot with -v for more details.
[5/5/2023] [10:29:06 PM] [Nginx    ] › ⬤  debug     Deleting file: /data/nginx/proxy_host/1.conf
[5/5/2023] [10:29:06 PM] [Nginx    ] › ⬤  debug     Deleting file: /data/nginx/proxy_host/1.conf.err
[5/5/2023] [10:29:06 PM] [Nginx    ] › ⬤  debug     Could not delete file: {
  "errno": -2,
  "syscall": "unlink",
  "code": "ENOENT",
  "path": "/data/nginx/proxy_host/1.conf.err"
}
[5/5/2023] [10:29:06 PM] [Nginx    ] › ℹ  info      Reloading Nginx
[5/5/2023] [10:29:11 PM] [SSL      ] › ℹ  info      Requesting Let'sEncrypt certificates for Cert #6: portainer.the-dodo.de
[5/5/2023] [10:29:11 PM] [SSL      ] › ℹ  info      Command: certbot certonly --config "/etc/letsencrypt.ini" --work-dir "/tmp/letsencrypt-lib" --logs-dir "/tmp/letsencrypt-log" --cert-name "npm-6" --agree-tos --authenticator webroot --email "@outlook.de" --preferred-challenges "dns,http" --domains "portainer.the-dodo.de" 
[5/5/2023] [10:29:12 PM] [Nginx    ] › ⬤  debug     Deleting file: /data/nginx/temp/letsencrypt_6.conf
[5/5/2023] [10:29:12 PM] [Nginx    ] › ℹ  info      Reloading Nginx
[5/5/2023] [10:29:12 PM] [Express  ] › ⚠  warning   Command failed: certbot certonly --config "/etc/letsencrypt.ini" --work-dir "/tmp/letsencrypt-lib" --logs-dir "/tmp/letsencrypt-log" --cert-name "npm-6" --agree-tos --authenticator webroot --email "@outlook.de" --preferred-challenges "dns,http" --domains "portainer.the-dodo.de" 
Saving debug log to /tmp/letsencrypt-log/letsencrypt.log
An unexpected error occurred:
Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/failed-validation-limit/
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /tmp/letsencrypt-log/letsencrypt.log or re-run Certbot with -v for more details.

In /tmp/letsencrypt-log/letsencrypt.log is nothing

Operating System Ubuntu 20

[eladent]

Git exactly the same error, here. Looking at letsencrypt.log says that let's encrypt cannot access the challenge. Very strange. @TheDoDoo : I think you see nothing in "/tmp/letsencrypt-log/letsencrypt.log" because the file is in the docker path : /var/lib/docker/overlay2/[yourcontainerID]/merged/var/log/letsencrypt/letsencrypt.log. Looke duplicate with #2881 with a interesting workaround (not working for me).

I guess it's done until a patch...

[RobustMarker]

Ive been having the same issue for a couple months now also, not sure what the problem is. Cant generate any certs only difference is im using unraid.

[TheDoDoo]

#

[lxzmads]

Can't add custom certificate either, same error.

[5/29/2023] [9:53:43 AM] [Nginx    ] › ⬤  debug     Could not delete file: {
  "errno": -2,
  "syscall": "unlink",
  "code": "ENOENT",
  "path": "/data/nginx/proxy_host/1.conf"
}
[5/29/2023] [9:53:43 AM] [Nginx    ] › ⬤  debug     Deleting file: /data/nginx/proxy_host/1.conf.err
[5/29/2023] [9:53:43 AM] [Nginx    ] › ⬤  debug     Could not delete file: {
  "errno": -2,
  "syscall": "unlink",
  "code": "ENOENT",
  "path": "/data/nginx/proxy_host/1.conf.err"
}

then the hostfile disappear, server offline.

[Ruthalas]

This may also be the same issue described in #2873 (I am also experiencing this issue still, running unRAID, workaround from #2881 not working for me.)

[cacpmw]

Can't add custom certificate either, same error.

[5/29/2023] [9:53:43 AM] [Nginx    ] › ⬤  debug     Could not delete file: {
  "errno": -2,
  "syscall": "unlink",
  "code": "ENOENT",
  "path": "/data/nginx/proxy_host/1.conf"
}
[5/29/2023] [9:53:43 AM] [Nginx    ] › ⬤  debug     Deleting file: /data/nginx/proxy_host/1.conf.err
[5/29/2023] [9:53:43 AM] [Nginx    ] › ⬤  debug     Could not delete file: {
  "errno": -2,
  "syscall": "unlink",
  "code": "ENOENT",
  "path": "/data/nginx/proxy_host/1.conf.err"
}

then the hostfile disappear, server offline.

I am getting the exact same error

[aj1322001]

Has anyone solved this issue?

Duplicate relation "access_list" in a relation expression. You should use "a.[b, c]" instead of "[a.b, a.c]". This will cause an error in objection 2.0 [6/20/2023] [9:52:40 PM] [Nginx ] › ⬤ debug Deleting file: /data/nginx/proxy_host/4.conf [6/20/2023] [9:52:40 PM] [Nginx ] › ⬤ debug Could not delete file: { "errno": -2, "syscall": "unlink", "code": "ENOENT", "path": "/data/nginx/proxy_host/4.conf" } [6/20/2023] [9:52:40 PM] [Nginx ] › ℹ info Reloading Nginx [6/20/2023] [9:52:55 PM] [Nginx ] › ⬤ debug Deleting file: /data/nginx/proxy_host/4.conf [6/20/2023] [9:52:55 PM] [Nginx ] › ℹ info Reloading Nginx [6/20/2023] [9:54:50 PM] [Nginx ] › ⬤ debug Deleting file: /data/nginx/proxy_host/5.conf [6/20/2023] [9:54:50 PM] [Nginx ] › ⬤ debug Could not delete file: { "errno": -2, "syscall": "unlink", "code": "ENOENT", "path": "/data/nginx/proxy_host/5.conf" }

[Solander]

I have the exact same problem... Don't know why this was closed since many have the same problem.

[Ruthalas]

@aj1322001 If you understand this enough to articulate the issue clearly, would you be willing to create a new issue mentioning this?

[GitTworn]

I'm having exactly this issue after a clean install. I also had this issue after upgrading from an earlier version.

[thomasbonsirven]

Hello,

Same here ..

[DannenmannA]

Hi, same problem here :-(

[GitTworn]

Is anyone not having this issue? I have done a clean install on version 2.9.22 and 2.10.3 and both have this issue. Its working without SSL.

[thomasbonsirven]

Hello @GitTworn

I think is a problem with Ubuntu/Debian, but i dont Knox why. I think this, because i try on Fedora, Centos, Alpine is work. On fresh installé Ubuntu 18.04 to 22.04 and Debian Buster not work, same problem.

So, on alpine, i have a error, with a file not deleting, but i have my ssl certificat.

If you use docker-compose, set network to host. Just for try.

[Graxo]

Having the same issue since i reinstalled my server today and redeployed my dockers.

[thomasbonsirven]

Having the same issue since i reinstalled my server today and redeployed my dockers.

What is your os ?

[Neeham]

For the past 2-3 days I've been having so many issues (after fresh install). Finally after setting up SSL and scrolling up in logs, I saw the same issue. Not sure what's causing this but yep, it's causing too many error after setting SSL and then adding host(s), it no longer load nginx proxy manager dashboard and throws 500 and all I see in logs is a bunch of Could not delete file (ssl) and Could not delete file (for all the host(s) I've added).

[ynixt]

Same issue here with a custom SSL certificate.

[thomasbonsirven]

I have same problem, on Ubuntu host and Alpine. But in Alpine, it's work.

I dont now if really this the problem.

I thinks is a conf of Docker-Compose or Docker engine, maybe docker host network... i dont know

But, in Alpine, Fedora and Redhat i have same error, but the certificat ( custom or lets'encrypt) is perfect work.

[GitTworn]

I got this error for the first time after an upgrade, however, when downgrading the error persisted, even after a fresh install of an earlier working version. So I suspect in the meantime, docker got updated and it might be a docker related issue.

[mlapaglia]

YMMV, but i found my unraid setup was using the docker image jlesage/nginx-proxy-manager. i switched to the one in the quick setup guide, and used the correct port numbers and volumes that differed from the old image and it started working again. i did need to set up all my hosts again in the new instance though.

https://nginxproxymanager.com/guide/#quick-setup

[EDIflyer]

Looks similar to what I've been getting - see https://github.com/NginxProxyManager/nginx-proxy-manager/issues/2881 for the workaround that does the trick for me (although it's a bit of a pain and I see from https://github.com/NginxProxyManager/nginx-proxy-manager/issues/2892#issuecomment-1567538341 that it doesn't seem to work for everyone) - might be worth a shot?

[Nenodema]

Why is this issue close since it still persist?

[ZhangTianrong]

What closes this? I am also encountering this problem and for every site I have it says ERR_EMPTY_RESPONSE when I visit it.

[spencerandhill]

YMMV, but i found my unraid setup was using the docker image jlesage/nginx-proxy-manager. i switched to the one in the quick setup guide, and used the correct port numbers and volumes that differed from the old image and it started working again. i did need to set up all my hosts again in the new instance though.

https://nginxproxymanager.com/guide/#quick-setup

This helped me aswell. It's annoying to setup everything again, but at least it works just right out of the box. Just installed jc21/nginx-proxy-manager as it is described in the official setup-guide and now it works.

[parthdevloper]

If you do sudo docker logs <your-container-id-at-which-your-nginx-proxy-manager-is>

you will find the issue,

In my case the issue was that, I requested SSL certificate too many times & that's why it was throwing "Internal Error"

Waiting for couple of days & trying again resolved my issue.

Refrence: https://community.letsencrypt.org/t/error-429-too-many-requests/98580/2

[Neko111]

In my case it was firewall on dataprovider side, where I allowed access to port 80 only from my ip address.

[RobustMarker]

Ive been having the same issue for a couple months now also, not sure what the problem is. Cant generate any certs only difference is im using unraid.

For anyone having a similar issue, my problem was that for some reason my ISP started blocking port 80 but after I got the cert so it was impossible to renew. So manually check all ports are open to properly access your website and allow certs to access the internet.

[it-viktor]

I had the same issue with Nginx Proxy Manager. nginxproxymanager.com/guide/#quick-setup I followed the Docker Compose quick-setup instructions from the nginxproxymanager website, and everything started up. I went to the admin panel to add a new proxy and got an internal error. The same logs appeared in the Docker container: "Could not delete file," and the file "/tmp/letsencrypt-log/letsencrypt.log" had errors "X-Frame-Options: DENY."

I spent a long time trying to figure out the problem, and eventually, everything was resolved as follows: Your configuration file /etc/nginx/conf.d/include/letsencrypt-acme-challenge.conf shows that the directory for storing ACME Challenge files is set to /data/letsencrypt-acme-challenge.

Check the existence and permissions of the directory: ls -la /data/letsencrypt-acme-challenge/.well-known/acme-challenge/

If the directory does not exist, create it and set the correct permissions: mkdir -p /data/letsencrypt-acme-challenge/.well-known/acme-challenge/ chmod -R 755 /data/letsencrypt-acme-challenge/.well-known/acme-challenge/

Create a test file and check its accessibility: echo "test" > /data/letsencrypt-acme-challenge/.well-known/acme-challenge/test curl -I http://mydomain/.well-known/acme-challenge/test

In my case, the folder "/data/letsencrypt-acme-challenge/.well-known/acme-challenge/" did not exist. I created it, checked the permissions, went into the Nginx Proxy Manager admin panel, and had no problem generating a certificate and adding a new proxy.