Let's Encrypt SSL Cert Auto-Renew "Internal Error"

NginxProxyManager / nginx-proxy-manager

Docker container for managing Nginx proxy hosts with a simple, powerful interface

https://nginxproxymanager.com

MIT License

22.17k stars 2.55k forks source link

Let's Encrypt SSL Cert Auto-Renew "Internal Error" #3979

Open theDepart3d opened 2 weeks ago

theDepart3d commented 2 weeks ago

Checklist

Have you pulled and found the error with jc21/nginx-proxy-manager:latest docker image?
- Yes
Are you sure you're not using someone else's docker image?
- Yes
Have you searched for similar issues (both open and closed)?
- Yes

Describe the bug Certificates issued by Lets Encrypt does not auto renew, manually clicking renew returns "Internal Error". Deleting the certificate and re-creating it works though.

Nginx Proxy Manager Version

v2.11.3 - Using Docker-Compose

To Reproduce Steps to reproduce the behavior:

Find expired lets encrypt cert.
Click renew (returns "Internal Error")

Expected behavior

Renew the ssl certificate issued by Lets Encrypt

Screenshots

Operating System

Distributor ID: Debian
Description:    Debian GNU/Linux 12 (bookworm)
Release:        12
Codename:       bookworm

ayasystems commented 1 week ago

I've the same problem with the same docker version

theDepart3d commented 1 week ago

I've the same problem with the same docker version

Im using the docker-compose version too. Forgot to mention that.

port42069 commented 1 week ago

Deleting the certificate and re-creating it works though.

I added a DNS Challenge cert for a domain that I havent used before, after adding it I was able renew the other certificates without getting the Internal Error!

Edit: Came across this error again with another docker compose container. I recently migrated this container to a new machine and the symlink's located in the "./letsencrypt/live/npm-x/" directory were copied over as the source files, not the links. After recreating the symlinks to the ".pem" files located at "./letsencrypt/archive/npm-x/" I was able to renew the cert.

theDepart3d commented 2 days ago

Deleting the certificate and re-creating it works though.

I added a DNS Challenge cert for a domain that I havent used before, after adding it I was able renew the other certificates without getting the Internal Error!

Edit: Came across this error again with another docker compose container. I recently migrated this container to a new machine and the symlink's located in the "./letsencrypt/live/npm-x/" directory were copied over as the source files, not the links. After recreating the symlinks to the ".pem" files located at "./letsencrypt/archive/npm-x/" I was able to renew the cert.

I am using the DNS Challenge and i still get this error.

I recently migrated this container to a new machine and the symlink's located in the "./letsencrypt/live/npm-x/" directory were copied over as the source files, not the links.

My links are correct (just checked). The renew just never ever worked for me. This is my second NPM and still does not work.

ThatCoffeeGuy commented 3 hours ago

I checked the logs because of the same issue and I got banned from letsencrypt. I was horrified to discover that I got banned because NPM was SPAMMING the renewal requests for domains that were not even accessible, multiple times a minute. As I am quite sure this not how it worked, I believe this a bug introduced with a recent version.

" error: urn:ietf:params:acme:error:rateLimited :: There were too many requests of a given type"