search

NginxProxyManager / nginx-proxy-manager

Docker container for managing Nginx proxy hosts with a simple, powerful interface
https://nginxproxymanager.com
MIT License
23.45k stars 2.72k forks source link

Cannot pull a cert with a cloudflare domain. #3599

Open ken8521 opened 9 months ago

ken8521 commented 9 months ago

Checklist

Describe the bug I tried pulling a cloudflare cert, token is 100% correct, log is showing this error

[3/3/2024] [4:43:27 PM] [Express ] › ⚠ warning Saving debug log to /tmp/letsencrypt-log/letsencrypt.log Error determining zone_id: 6003 Invalid request headers. Please confirm that you have supplied valid Cloudflare API credentials. (Did you copy your entire API token/key? To use Cloudflare tokens, you'll need the python package cloudflare>=2.3.1. This certbot is running cloudflare 2.19.2) Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /tmp/letsencrypt-log/letsencrypt.log or re-run Certbot with -v for more details.

I bashed into the container and ran certbot -v

Saving debug log to /var/log/letsencrypt/letsencrypt.log Certbot doesn't know how to automatically configure the web server on this system. However, it can still get a certificate for you. Please run "certbot certonly" to do so. You'll need to manually configure your web server to use the resulting certificate. Then as instructed checked the log, and got this:

2024-03-03 16:51:22,160:DEBUG:certbot._internal.main:Location of certbot entry point: /opt/certbot/bin/certbot 2024-03-03 16:51:22,160:DEBUG:certbot._internal.main:Arguments: ['-v'] 2024-03-03 16:51:22,160:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#dns-cloudflare,PluginEntryPoint#manual,PluginEntryP> 2024-03-03 16:51:22,167:DEBUG:certbot._internal.log:Root logging level set at 20 2024-03-03 16:51:22,168:DEBUG:certbot._internal.plugins.selection:Requested authenticator None and installer None 2024-03-03 16:51:22,168:DEBUG:certbot._internal.plugins.selection:No candidate plugin

Nginx Proxy Manager Version 2.10.0

To Reproduce Try to pull a cert with a cloudflare domain/token

Expected behavior A cert should be pulled

Operating System Docker

Additional context I know its not my network settings, as I pulled a cert no problem with linuxserver/swag as a test.

ken8521 commented 9 months ago

Well, I guess this can be sort of solved...

I've always used my global API token w/o issue.. On a whim, I went ahead and created a new custom token that basically pointed at everything... Used that token in my setup, got a cert no problem.

sheiy commented 7 months ago

Well, I guess this can be sort of solved...

I've always used my global API token w/o issue.. On a whim, I went ahead and created a new custom token that basically pointed at everything... Used that token in my setup, got a cert no problem.

just add dns read and write permission

github-actions[bot] commented 1 month ago

Issue is now considered stale. If you want to keep it open, please comment :+1: