SSL Internal error (like #2892)

[GitTworn]

I have tested with version 2.9.x and 2.10.x that #2892 still exists with a clean install and upgrades. No real point to repeating all the info as it's exactly the same. No idea why the issue was closed since it was not fixed.

There is a discussion here are well: https://community.letsencrypt.org/t/interner-error-ssl-certifcate/197577

It seems to be an issue with the certbot version.

[Shydoo]

I agree with you, but for me it's even worse because if I delete the config of a domain where I've had this error, I can no longer configure new domains, I get exactly the same errors for absolutely everything whether I'm using HTTPS or HTTP...

This means that each time I have to put together a new instance of NPM and reconfigure all the domains.

While I'm waiting for a patch from the author, does anyone know how to make a real backup that I could import into another instance of an NPM (not necessarily on the same domain) so that I don't have to waste a lot of time reassembling everything manually? I've already tried to move a few files but couldn't because I imagine they're linked.

[linuxayn]

[7/14/2023] [2:22:23 AM] [Express  ] › ⚠  warning   Command failed: certbot renew --config "/etc/letsencrypt.ini" --cert-name "npm-1" --disable-hook-validation --no-random-sleep-on-renew 
An unexpected error occurred:
ModuleNotFoundError: No module named 'zope'

Same issue and I got the above error message. I solved this issue by reverting cert and acme to an older version:

pip install certbot==1.32.0
pip install acme==1.32.0

[ACarolan]

Also having this problem and it's driving me crazy as I can no longer access my server from the web. I've tried fresh installs of different versions of NPM on both unraid and truenas scale to no avail.

[ACarolan]

For anyone who finds this, I was able to get around it by manually creating an SSL certificate in NPM and attaching it to the host(s). Slightly tedious, but at least it works for now.

[Ruthalas]

For anyone who finds this, I was able to get around it by manually creating an SSL certificate in NPM and attaching it to the host(s). Slightly tedious, but at least it works for now.

@ACarolan can you give a bit more detail on this? I haven't done that process before and am about to need to.

Thank you for the tip!

[ACarolan]

For anyone who finds this, I was able to get around it by manually creating an SSL certificate in NPM and attaching it to the host(s). Slightly tedious, but at least it works for now.

@ACarolan can you give a bit more detail on this? I haven't done that process before and am about to need to.

Thank you for the tip!

Basically in NPM go to the SSL certificates tab and click 'Add SSL Certificate' to make a cert manually. If you're not well versed in networking, stick to Let's Encrypt and pray that your DNS provider is on the list (Google Domains, cloudflare, GoDaddy, etc) but there's an option for custom certificate too if you can get the key and cert files from your DNS provider. You'll need to create an ACME API key with your domain registrar, how to do this will be different depending on your registrar, once you have your key copy it to the prompt in NPM and give it a few minutes to check and create the cert. You should see an item populate once it's done. The name field on the cert included my subdomain (subdomain.mydomain.com) but the api key was just my domain (mydomain.com). So if you have multiple subdomains, you'll have to have a key/cert for each. Maybe there's a better way to do this but NPM seems to be currently broken for some reason so this will suffice for now.

Now that you have a certificate, go back to hosts/create host and under the SSL tab for a host, instead of "request a new certificate" you should see an option for your cert you just made. Was pretty seamless and just started working for me.

This means that the cert will expire (NPM will tell you when) and will need to be renewed periodically. Good luck

[stoudtlr]

For anyone who finds this, I was able to get around it by manually creating an SSL certificate in NPM and attaching it to the host(s). Slightly tedious, but at least it works for now.

@ACarolan can you give a bit more detail on this? I haven't done that process before and am about to need to. Thank you for the tip!

Basically in NPM go to the SSL certificates tab and click 'Add SSL Certificate' to make a cert manually. If you're not well versed in networking, stick to Let's Encrypt and pray that your DNS provider is on the list (Google Domains, cloudflare, GoDaddy, etc) but there's an option for custom certificate too if you can get the key and cert files from your DNS provider. You'll need to create an ACME API key with your domain registrar, how to do this will be different depending on your registrar, once you have your key copy it to the prompt in NPM and give it a few minutes to check and create the cert. You should see an item populate once it's done. The name field on the cert included my subdomain (subdomain.mydomain.com) but the api key was just my domain (mydomain.com). So if you have multiple subdomains, you'll have to have a key/cert for each. Maybe there's a better way to do this but NPM seems to be currently broken for some reason so this will suffice for now.

Now that you have a certificate, go back to hosts/create host and under the SSL tab for a host, instead of "request a new certificate" you should see an option for your cert you just made. Was pretty seamless and just started working for me.

This means that the cert will expire (NPM will tell you when) and will need to be renewed periodically. Good luck

thank you! It's now 1am and I can finally go to sleep after installing NGM for the first time and spending hours troubleshooting why I couldn't get SSL to work before finally finding your work around. Cert installed and I can now access my site with https.

[ACarolan]

@stoudtlr Welcome! Though I have moved on from reverse proxy, and use cloudflare tunnels. It's worked nearly perfectly for me, setup was pretty easy, and cloudflare makes good stuff. (for anyone else finding this thread)

[github-actions[bot]]

Issue is now considered stale. If you want to keep it open, please comment :+1: