search

NginxProxyManager / nginx-proxy-manager

Docker container for managing Nginx proxy hosts with a simple, powerful interface
https://nginxproxymanager.com
MIT License
21.7k stars 2.51k forks source link

regru plugin not working #3871

Open sevzap14 opened 1 month ago

sevzap14 commented 1 month ago

Checklist

Describe the bug

Nginx Proxy Manager Version

To Reproduce Steps to reproduce the behavior:

  1. Go to '...'
  2. Click on '....'
  3. Scroll down to '....'
  4. See error

Expected behavior

Screenshots

Operating System

Additional context

sevzap14 commented 1 month ago

Plugin can't create (change) acme-challenge on DNS (reg.ru)

2024-07-12 13:45:41,964:DEBUG:acme.client:Storing nonce: 1234_nENGj1sdsadasdasdasdyCIkEyhUF2qDWzgM0 2024-07-12 13:45:41,965:INFO:certbot._internal.auth_handler:Performing the following challenges: 2024-07-12 13:45:41,965:INFO:certbot._internal.auth_handler:dns-01 challenge for domain.ru 2024-07-12 13:45:41,965:DEBUG:certbot_regru.dns:Attempting to add record: {'username': 'username', 'password': '12345678', 'io_encoding': 'utf8', 'show_input_params': 1, 'output_format': 'json', 'input_format': 'json', 'input_data': '{"text": "123475dFvjKqImif-TCzaUIn123Ygrk6lj0eD1XTGh4U", "subdomain": "_acme-challenge", "domains": [{"dname": "domain.com"}]}'} 2024-07-12 13:45:41,966:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): api.reg.ru:443 2024-07-12 13:45:42,122:DEBUG:urllib3.connectionpool:https://api.reg.ru:443 "POST /api/regru2/zone/add_txt HTTP/1.1" 200 None 2024-07-12 13:45:42,123:DEBUG:certbot_regru.dns:Successfully added TXT record ## BUT DNS RECORD NOT ADD! 2024-07-12 13:45:42,124:DEBUG:certbot._internal.display.obj:Notifying user: Waiting 600 seconds for DNS changes to propagate 2024-07-12 13:55:42,124:DEBUG:acme.client:JWS payload: b'{}' 2024-07-12 13:55:42,125:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/376052641327/Q5p01w: { "protected": "1234bGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTgzMTM0MjM1NyIsICJub25jZSI6ICIwSGpZX25FTkdJZUNwU2ROLXFZcE5xcWpBZzBPRXN3OGoxeUNJa0V5aFVGMnFEV3pnTTAiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzM3NjA1MjY0MTMyNy9RNXAwMXcifQ", "signature": "1234td5MYEAqUT53bHqEN5gwwwIbh9B6DOALVMgDCUjdO1ekUg-vYkW9NKdhu5nX8pS40uALx0tOfpO3_OqoiSA9G1gWfvlzwjtdVdGQwg2coKchT4sA8x5OLPz1mCqz76vRIMGTcIn77Gi6Z-7M2QdWkrD4N1UsHwPU2vy4vE2NK1KlJBaA1B0YqM0ASG0XWFA84uJuuJHKH2Sbayr2BnxW4CKI9q0a8UhYRiHql5XrcIe1KrUs846jpgsmGm_sclBMOW0nw86btmwzssdLCOdyJwRfEnOxxjvjKrS7uwOvjvU2AU-pvDevUOlSxsjW739rYvjCYun0f4PJfcix5g", "payload": "e30" } 2024-07-12 13:55:42,126:DEBUG:urllib3.connectionpool:Resetting dropped connection: acme-v02.api.letsencrypt.org 2024-07-12 13:55:42,978:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/376052641327/Q5p01w HTTP/1.1" 200 186 2024-07-12 13:55:42,978:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 12 Jul 2024 13:55:42 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 1831342357 Cache-Control: public, max-age=0, no-cache Link: https://acme-v02.api.letsencrypt.org/directory;rel="index", https://acme-v02.api.letsencrypt.org/acme/authz-v3/376052641327;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/376052641327/Q5p01w Replay-Nonce: 1234YfrLJyiSzvQ0Nkh4p5Zty4_MTTG_FE8bs2LKZ-uHDDBNRU X-Frame-Options: DENY Strict-Transport-Security: max-age=604800

{ "type": "dns-01", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/376052641327/Q5p01w", "status": "pending", "token": "1234RH8nGhi1pm8bdN1YN-apzxaUMca-jvIREJ1nr5E" } 2024-07-12 13:55:42,978:DEBUG:acme.client:Storing nonce: 1234oYfrLJyiSzvQ0Nkh4p5Zty4_MTTG_FE8bs2LKZ-uHDDBNRU 2024-07-12 13:55:42,979:INFO:certbot._internal.auth_handler:Waiting for verification... 2024-07-12 13:55:43,979:DEBUG:acme.client:JWS payload: b'' 2024-07-12 13:55:43,980:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/376052641327: { "protected": "1234ciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTgzMTM0MjM1NyIsICJub25jZSI6ICJYcnNkb1lmckxKeWlTenZRME5raDRwNVp0eTRfTVRUR19GRThiczJMS1otdUhEREJOUlUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzM3NjA1MjY0MTMyNyJ9", "signature": "12343Lya08x9r21om47k8x6_uQlfk6uZS99mjrzHbzkMnbzCSjji9y_ukjjYmqcU_1HTw3bJeCuUls7oXTbDSvOGfGoZsxDdh4Yqtg93w_Nw060NcJqKR0ovWIwGY2EPetZMjr89-8bbQCrpjwfBfgR8Dqk9FkB0ooc5_mdyVab2GWa35UYItxSdwCNjxzgVAAy77CEmdNxNNGUxfVfpA2EhXZs_yzLoBs4ljSuuRFCbhxBJHvdu7F0s2Dk4yF6FjGZYsI_Lg63-yNvz4C-LrFFgCORapWLpvzh-10d9lNbQ9odRJKjyh-t0VM-7sE_KgV2tpJkpHs9PK5YmQ", "payload": "" } 2024-07-12 13:55:44,178:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/376052641327 HTTP/1.1" 200 660 2024-07-12 13:55:44,178:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 12 Jul 2024 13:55:44 GMT Content-Type: application/json Content-Length: 660 Connection: keep-alive Boulder-Requester: 1831342357 Cache-Control: public, max-age=0, no-cache Link: https://acme-v02.api.letsencrypt.org/directory;rel="index" Replay-Nonce: 1234frxp3EJkFkb2cxZUw7qNHzayjoJ7-aYviTLbXFtpywVEM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800

{ "identifier": { "type": "dns", "value": "domain.com" }, "status": "invalid", "expires": "2024-07-19T13:45:41Z", "challenges": [ { "type": "dns-01", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/376052641327/Q5p01w", "status": "invalid", "validated": "2024-07-12T13:55:42Z", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Incorrect TXT record \"7777lX40XfiCY8c_Xoe4Fqgq-1eN_KaD4USvX3dco\" found at _acme-challenge.domain.ru", (WHY?) "status": 403 }, "token": "6666H8nGhi1pm8bdN1YN-apzxaUMca-jvIREJ1nr5E" } ], "wildcard": true } 2024-07-12 13:55:44,178:DEBUG:acme.client:Storing nonce: 1234oYfrxp3EJkFkb2cxZUw7qNHzayjoJ7-aYviTLbXFtpywVEM 2024-07-12 13:55:44,179:INFO:certbot._internal.auth_handler:Challenge failed for domain domain.ru 2024-07-12 13:55:44,179:INFO:certbot._internal.auth_handler:dns-01 challenge for domain.ru 2024-07-12 13:55:44,179:DEBUG:certbot._internal.display.obj:Notifying user: Certbot failed to authenticate some domains (authenticator: dns). The Certificate Authority reported these problems: Domain: domain.ru Type: unauthorized Detail: Incorrect TXT record "12234YRlX40XfiCY8c_Xoe4Fqgq-1eN_KaD4USvX3dco" found at _acme-challenge.domain.ru

Hint: The Certificate Authority failed to verify the DNS TXT records created by --dns. Ensure the above domains are hosted by this DNS provider, or try increasing --dns-propagation-seconds (currently 600 seconds).

2024-07-12 13:55:44,180:DEBUG:certbot._internal.error_handler:Encountered exception: Traceback (most recent call last): File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/auth_handler.py", line 108, in handle_authorizations self._poll_authorizations(authzrs, max_retries, max_time_mins, best_effort) File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/auth_handler.py", line 212, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed.

sevzap14 commented 1 month ago

Please, fix regru plugin

sevzap14 commented 1 month ago

In manual mode all working correct certbot certonly --manual --preferred-challenges=dns -d *.domain.com

sevzap14 commented 1 month ago

i use last container version

dazgluk commented 3 weeks ago

had the same issue. Deleting a domain in NPM and creating it back, fixed the issue for me