[GH-ISSUE #1706] Internal Error with netcup and DNS Challenge #1268

Open
opened 2026-02-26 06:36:28 +03:00 by kerem · 17 comments

Originally created by @TWART016 on GitHub (Dec 30, 2021).
Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/1706

Describe the bug
I want to access my internal password management (vaultwarden) with NPM. Therefore I created an A record in Netcup with my internal IP 192.168.178.15 as the destination. I also added a TXT entry with the destination pw-local.MYDOMAIN.

In NPM I created a proxy host that forwards to my password management. Under SSL I want to create a certificate with Use a DNS Challenge. I selected netcup as the provider and set dns_netcup_customer_id, dns_netcup_api_key and dns_netcup_api_password. After saving I get an Internal Error message.

In Docker Logs I see

[12/30/2021] [4:20:50 PM] [Express  ] › ⚠  warning   Command failed: certbot certonly --config "/etc/letsencrypt.ini" --cert-name "npm-47" --agree-tos --email "MY-EMAIL" --domains "pw-local.MYDOMAIN" --authenticator dns-netcup --dns-netcup-credentials "/etc/letsencrypt/credentials/credentials-47"

Saving debug log to /var/log/letsencrypt/letsencrypt.log

Inside letsencrypt.log:
"Incorrect TXT record \"pw-local.mydomain.de\" found at _acme-challenge.pw-local.mydomain.de",

Nginx Proxy Manager Version
2.9.13

Operating System
Ubuntu 18.04.4 LTS (Bionic Beaver) with Docker

Edit: If I add the domain to another proxy host in NGINX, the website can be opened, but of course with a certificate error.
Without a certificate it is not possible to access the website.


@chaptergy commented on GitHub (Dec 30, 2021):

What do the certbot logs say? (see https://github.com/jc21/nginx-proxy-manager/issues/1271#user-content-certificate-error)


@TWART016 commented on GitHub (Dec 30, 2021):

Do you mean the log from /var/log/letsencrypt/letsencrypt.log ?


@chaptergy commented on GitHub (Dec 30, 2021):

Yes.


@TWART016 commented on GitHub (Dec 30, 2021):

Here is the log

2021-12-30 19:11:59,904:DEBUG:certbot._internal.main:certbot version: 1.22.0
2021-12-30 19:11:59,905:DEBUG:certbot._internal.main:Location of certbot entry point: /opt/certbot/bin/certbot
2021-12-30 19:11:59,905:DEBUG:certbot._internal.main:Arguments: ['--config', '/etc/letsencrypt.ini', '--cert-name', 'npm-54', '--agree-tos', '--email', 'MY-EMAIL', '--domains', 'pw-local.MYDOMAIN', '--authenticator', 'dns-netcup', '--dns-netcup-credentials', '/etc/letsencrypt/credentials/credentials-54']
2021-12-30 19:11:59,907:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#certbot-dns-netcup:dns-netcup,PluginEntryPoint#dns-netcup,PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2021-12-30 19:11:59,944:DEBUG:certbot._internal.log:Root logging level set at 30
2021-12-30 19:11:59,946:DEBUG:certbot._internal.plugins.selection:Requested authenticator dns-netcup and installer None
2021-12-30 19:11:59,953:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * dns-netcup
Description: Obtain certificates using a DNS TXT record (if you are using netcup for DNS).
Interfaces: Authenticator, Plugin
Entry point: dns-netcup = certbot_dns_netcup:Authenticator
Initialized: <certbot_dns_netcup.Authenticator object at 0x7faa6b035048>
Prep: True
2021-12-30 19:11:59,954:DEBUG:certbot._internal.plugins.selection:Selected authenticator <certbot_dns_netcup.Authenticator object at 0x7faa6b035048> and installer None
2021-12-30 19:11:59,954:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator dns-netcup, Installer None
2021-12-30 19:11:59,974:DEBUG:certbot._internal.main:Picked account: <Account(RegistrationResource(body=Registration(key=None, contact=(), agreement=None, status=None, terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/123184766', new_authzr_uri=None, terms_of_service=None), 76b38ddd92b11008964617588dcc1dde, Meta(creation_dt=datetime.datetime(2021, 5, 11, 23, 40, 9, tzinfo=<UTC>), creation_host='eb50e0a13986', register_to_eff=None))>
2021-12-30 19:11:59,975:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2021-12-30 19:11:59,979:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
2021-12-30 19:12:00,480:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658
2021-12-30 19:12:00,481:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Thu, 30 Dec 2021 18:12:00 GMT
Content-Type: application/json
Content-Length: 658
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "g3sn83eQ5X0": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
  "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
  "meta": {
    "caaIdentities": [
      "letsencrypt.org"
    ],
    "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
    "website": "https://letsencrypt.org"
  },
  "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
  "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
  "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
  "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}
2021-12-30 19:12:00,482:DEBUG:certbot._internal.display.obj:Notifying user: Requesting a certificate for pw-local.MYDOMAIN
2021-12-30 19:12:00,543:DEBUG:certbot.crypto_util:Generating ECDSA key (2048 bits): /etc/letsencrypt/keys/1984_key-certbot.pem
2021-12-30 19:12:00,602:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/1984_csr-certbot.pem
2021-12-30 19:12:00,604:DEBUG:acme.client:Requesting fresh nonce
2021-12-30 19:12:00,604:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
2021-12-30 19:12:00,754:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
2021-12-30 19:12:00,755:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Thu, 30 Dec 2021 18:12:00 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0001Ht8h3JrE16E4RqdHfYvZyyUrZRa9A1j0p6JfDPqi464
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800


2021-12-30 19:12:00,755:DEBUG:acme.client:Storing nonce: 0001Ht8h3JrE16E4RqdHfYvZyyUrZRa9A1j0p6JfDPqi464
2021-12-30 19:12:00,755:DEBUG:acme.client:JWS payload:
b'{\n  "identifiers": [\n    {\n      "type": "dns",\n      "value": "pw-local.MYDOMAIN"\n    }\n  ]\n}'
2021-12-30 19:12:00,758:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTIzMTg0NzY2IiwgIm5vbmNlIjogIjAwMDFIdDhoM0pyRTE2RTRScWRIZll2Wnl5VXJaUmE5QTFqMHA2SmZEUHFpNDY0IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ",
  "signature": "K2gfmAqUuq25cIMqmmUs15HiuuViJDt8zZ3079hSfDRFpPKTWQ-AKoRbCD8qOsJeA6VARfW4pH1YCaqUMBuiYY6AEWuCdVRUUL7gqxLQPS339kv_-DdTWGfoB_W6NM5evdusInT9kOSdYxN6j2xDMybCyrT1xvX-LIxZHGXSp93i_rIoCXNuZWrHe5n_N9ByFa47L-K-GgdVENtc9yaKis7m7YhGLMoTQqOVQnICD_r2bLh_ScCk6-h0gvZO3XALvyU8uT-MgazLBLHW3Ufea6LHfl1PLZzrOLcGckHKy7NxVg0uwWaExv-o46URjYmWtOQRAoSmzhNoprkx3N2EFw",
  "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInB3LWxvY2FsLnR3aG9tZS5kZSIKICAgIH0KICBdCn0"
}
2021-12-30 19:12:00,937:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 341
2021-12-30 19:12:00,938:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Date: Thu, 30 Dec 2021 18:12:00 GMT
Content-Type: application/json
Content-Length: 341
Connection: keep-alive
Boulder-Requester: 123184766
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Location: https://acme-v02.api.letsencrypt.org/acme/order/123184766/51365826560
Replay-Nonce: 0001kC4klKwPnSpGxE5ADgF0mwX88ezFoYSifxnK18xckyA
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "status": "pending",
  "expires": "2022-01-06T18:12:00Z",
  "identifiers": [
    {
      "type": "dns",
      "value": "pw-local.MYDOMAIN"
    }
  ],
  "authorizations": [
    "https://acme-v02.api.letsencrypt.org/acme/authz-v3/63454505270"
  ],
  "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/123184766/51365826560"
}
2021-12-30 19:12:00,938:DEBUG:acme.client:Storing nonce: 0001kC4klKwPnSpGxE5ADgF0mwX88ezFoYSifxnK18xckyA
2021-12-30 19:12:00,939:DEBUG:acme.client:JWS payload:
b''
2021-12-30 19:12:00,941:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/63454505270:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTIzMTg0NzY2IiwgIm5vbmNlIjogIjAwMDFrQzRrbEt3UG5TcEd4RTVBRGdGMG13WDg4ZXpGb1lTaWZ4bksxOHhja3lBIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My82MzQ1NDUwNTI3MCJ9",
  "signature": "IG52_OrewDE_vgi5V36TqttJz55NJIjfeTfINNM00iYQGGWnIklhiIp29rPjUGGbau2a3Orcq9-0SlsyTFXkTa7VXdlxBsRflLXgcUS0ot9RKg3xPoINm4uZzVsV1Egl2RWORYHZIIx_5Ho-9P1kuveoJXt5CgEaT_tNlYcmHYHSiyL91njiwCGpjGeGKGvbZXU09rfpDIDVYtrZFYKLjvbjovAdvuQR2CE72qRPJk6suK4PLMxKZVfubon-XNYSGjY1aP9bsJb1cLTgWpVW8h4tF1dexF8mGRe1E4UDhQKECP-vga63ZOc5GFGijdkqRQi8ss9useCVEGWaUbxEkw",
  "payload": ""
}
2021-12-30 19:12:01,095:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/63454505270 HTTP/1.1" 200 799
2021-12-30 19:12:01,096:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Thu, 30 Dec 2021 18:12:01 GMT
Content-Type: application/json
Content-Length: 799
Connection: keep-alive
Boulder-Requester: 123184766
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0001dlK6kFYCSIfS-CZSp6k-JeqmzF7LXQouCrBwSD27SuM
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "pw-local.MYDOMAIN"
  },
  "status": "pending",
  "expires": "2022-01-06T18:12:00Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/63454505270/IJpq3A",
      "token": "PnQ-9yfbSFqqlB7l554FX6c42_Gp6-kwVZRakCgd8gs"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/63454505270/OVgjzg",
      "token": "PnQ-9yfbSFqqlB7l554FX6c42_Gp6-kwVZRakCgd8gs"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/63454505270/TeXa2Q",
      "token": "PnQ-9yfbSFqqlB7l554FX6c42_Gp6-kwVZRakCgd8gs"
    }
  ]
}
2021-12-30 19:12:01,096:DEBUG:acme.client:Storing nonce: 0001dlK6kFYCSIfS-CZSp6k-JeqmzF7LXQouCrBwSD27SuM
2021-12-30 19:12:01,097:INFO:certbot._internal.auth_handler:Performing the following challenges:
2021-12-30 19:12:01,098:INFO:certbot._internal.auth_handler:dns-01 challenge for pw-local.MYDOMAIN
2021-12-30 19:12:01,100:DEBUG:lexicon.providers.netcup:login({})
2021-12-30 19:12:01,103:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): ccp.netcup.net:443
2021-12-30 19:12:01,215:DEBUG:urllib3.connectionpool:https://ccp.netcup.net:443 "POST /run/webservice/servers/endpoint.php?JSON HTTP/1.1" 200 228
2021-12-30 19:12:01,219:DEBUG:lexicon.providers.netcup:infoDnsZone({'domainname': 'pw-local.MYDOMAIN'})
2021-12-30 19:12:01,222:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): ccp.netcup.net:443
2021-12-30 19:12:01,328:DEBUG:urllib3.connectionpool:https://ccp.netcup.net:443 "POST /run/webservice/servers/endpoint.php?JSON HTTP/1.1" 200 188
2021-12-30 19:12:01,331:DEBUG:lexicon.providers.netcup:login({})
2021-12-30 19:12:01,333:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): ccp.netcup.net:443
2021-12-30 19:12:01,455:DEBUG:urllib3.connectionpool:https://ccp.netcup.net:443 "POST /run/webservice/servers/endpoint.php?JSON HTTP/1.1" 200 228
2021-12-30 19:12:01,458:DEBUG:lexicon.providers.netcup:infoDnsZone({'domainname': 'MYDOMAIN'})
2021-12-30 19:12:01,462:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): ccp.netcup.net:443
2021-12-30 19:12:01,619:DEBUG:urllib3.connectionpool:https://ccp.netcup.net:443 "POST /run/webservice/servers/endpoint.php?JSON HTTP/1.1" 200 231
2021-12-30 19:12:01,621:DEBUG:lexicon.providers.netcup:infoDnsRecords({'domainname': 'MYDOMAIN'})
2021-12-30 19:12:01,626:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): ccp.netcup.net:443
2021-12-30 19:12:01,775:DEBUG:urllib3.connectionpool:https://ccp.netcup.net:443 "POST /run/webservice/servers/endpoint.php?JSON HTTP/1.1" 200 556
2021-12-30 19:12:01,778:DEBUG:lexicon.providers.netcup:list_records: []
2021-12-30 19:12:01,778:DEBUG:lexicon.providers.netcup:updateDnsRecords({'domainname': 'MYDOMAIN', 'dnsrecordset': {'dnsrecords': [{'type': 'TXT', 'hostname': '_acme-challenge.pw-local', 'destination': '2NBiB4cFU1DhLuTbcruAEusKe0rQiUxSHbrA5FmA2no'}]}})
2021-12-30 19:12:01,781:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): ccp.netcup.net:443
2021-12-30 19:12:01,963:DEBUG:urllib3.connectionpool:https://ccp.netcup.net:443 "POST /run/webservice/servers/endpoint.php?JSON HTTP/1.1" 200 630
2021-12-30 19:12:01,967:DEBUG:lexicon.providers.netcup:create_record: True
2021-12-30 19:12:01,968:DEBUG:certbot._internal.display.obj:Notifying user: Waiting 10 seconds for DNS changes to propagate
2021-12-30 19:12:11,975:DEBUG:acme.client:JWS payload:
b'{}'
2021-12-30 19:12:11,978:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/63454505270/OVgjzg:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTIzMTg0NzY2IiwgIm5vbmNlIjogIjAwMDFkbEs2a0ZZQ1NJZlMtQ1pTcDZrLUplcW16RjdMWFFvdUNyQndTRDI3U3VNIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My82MzQ1NDUwNTI3MC9PVmdqemcifQ",
  "signature": "SKOK8Q9OVA5QFJvF7MUcwLRQ2W8ROqvO4TNDj-dmMVMmTUQR9eVIyIbfsTnv0JnPkKYifxKoq0Uhj2zR1oyzzX9W1SJamZKm42JL-PzbIl74XZuuIh6lUr2Kfp59u0AlCG7SmzOgjfaX_v8JiTzo2JO3WAQds95VK6ubRB04Qc0NLFRazAqmZ8VZ0Rszb1-fnCMPjWeh75FdVlB4J94zltGBHy2AyJeNr9ejNRJ7iSQu-7ezpq3ksZH2SyDLtxr-pgK-jIg-058PsEVY_rAPb2FXcfPS7jIB83OV3nKjHc8J69Y1IacTprFjZ05JoKEPGEUyQ46YSC5oflGIqu_6eg",
  "payload": "e30"
}
2021-12-30 19:12:12,140:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/63454505270/OVgjzg HTTP/1.1" 200 185
2021-12-30 19:12:12,141:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Thu, 30 Dec 2021 18:12:12 GMT
Content-Type: application/json
Content-Length: 185
Connection: keep-alive
Boulder-Requester: 123184766
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index", <https://acme-v02.api.letsencrypt.org/acme/authz-v3/63454505270>;rel="up"
Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/63454505270/OVgjzg
Replay-Nonce: 00015aiLQ3YBDwgPmuKYvwxLBcvPd7RMVOcfvxzbZZZELd0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "type": "dns-01",
  "status": "pending",
  "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/63454505270/OVgjzg",
  "token": "PnQ-9yfbSFqqlB7l554FX6c42_Gp6-kwVZRakCgd8gs"
}
2021-12-30 19:12:12,141:DEBUG:acme.client:Storing nonce: 00015aiLQ3YBDwgPmuKYvwxLBcvPd7RMVOcfvxzbZZZELd0
2021-12-30 19:12:12,142:INFO:certbot._internal.auth_handler:Waiting for verification...
2021-12-30 19:12:13,143:DEBUG:acme.client:JWS payload:
b''
2021-12-30 19:12:13,145:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/63454505270:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTIzMTg0NzY2IiwgIm5vbmNlIjogIjAwMDE1YWlMUTNZQkR3Z1BtdUtZdnd4TEJjdlBkN1JNVk9jZnZ4emJaWlpFTGQwIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My82MzQ1NDUwNTI3MCJ9",
  "signature": "Vzw4RH_ozwN-mYCh30yD41Gi2DlevWIrPUw6hSFMaJ10wtJkcapJSwiESV6llZx7BSXi-OEEjEcEB9p1jI3Xq2IqauL73fQd-ikFb_zmjVlivB1ctXWYLhDG3uqRQFRY9uah59WbGCvqmKkye_BbVx0MSYq6byulPearhtQqfv4bliw22MCYsckCGY2XOq0erOMmDIviFGCm7-uZml58Av2AmvFKwyZAlzMUx1rUfAQZ_A87VhpCllD5MpAooJ32Rz5CCYwYEEcPu4D_-LFemtZsTrnadNAP85U5WMnHuEVctCE69cKMwXE9UB8bTTdwv05HDFzFfnY_Tp7Vyk-aoQ",
  "payload": ""
}
2021-12-30 19:12:13,299:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/63454505270 HTTP/1.1" 200 630
2021-12-30 19:12:13,300:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Thu, 30 Dec 2021 18:12:13 GMT
Content-Type: application/json
Content-Length: 630
Connection: keep-alive
Boulder-Requester: 123184766
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0002mzyGvUaEzF2zq8T9kNtnXjSAg5p7N5kKhweHg-WKETI
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "pw-local.MYDOMAIN"
  },
  "status": "invalid",
  "expires": "2022-01-06T18:12:00Z",
  "challenges": [
    {
      "type": "dns-01",
      "status": "invalid",
      "error": {
        "type": "urn:ietf:params:acme:error:unauthorized",
        "detail": "Incorrect TXT record \"pw-local.MYDOMAIN\" found at _acme-challenge.pw-local.MYDOMAIN",
        "status": 403
      },
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/63454505270/OVgjzg",
      "token": "PnQ-9yfbSFqqlB7l554FX6c42_Gp6-kwVZRakCgd8gs",
      "validated": "2021-12-30T18:12:12Z"
    }
  ]
}
2021-12-30 19:12:13,300:DEBUG:acme.client:Storing nonce: 0002mzyGvUaEzF2zq8T9kNtnXjSAg5p7N5kKhweHg-WKETI
2021-12-30 19:12:13,300:INFO:certbot._internal.auth_handler:Challenge failed for domain pw-local.MYDOMAIN
2021-12-30 19:12:13,301:INFO:certbot._internal.auth_handler:dns-01 challenge for pw-local.MYDOMAIN
2021-12-30 19:12:13,301:DEBUG:certbot._internal.display.obj:Notifying user:
Certbot failed to authenticate some domains (authenticator: dns-netcup). The Certificate Authority reported these problems:
  Domain: pw-local.MYDOMAIN
  Type:   unauthorized
  Detail: Incorrect TXT record "pw-local.MYDOMAIN" found at _acme-challenge.pw-local.MYDOMAIN

Hint: The Certificate Authority failed to verify the DNS TXT records created by --dns-netcup. Ensure the above domains are hosted by this DNS provider, or try increasing --dns-netcup-propagation-seconds (currently 10 seconds).

2021-12-30 19:12:13,303:DEBUG:certbot._internal.error_handler:Encountered exception:
Traceback (most recent call last):
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/auth_handler.py", line 105, in handle_authorizations
    self._poll_authorizations(authzrs, max_retries, best_effort)
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/auth_handler.py", line 205, in _poll_authorizations
    raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.

2021-12-30 19:12:13,303:DEBUG:certbot._internal.error_handler:Calling registered functions
2021-12-30 19:12:13,303:INFO:certbot._internal.auth_handler:Cleaning up challenges
2021-12-30 19:12:13,304:DEBUG:lexicon.providers.netcup:login({})
2021-12-30 19:12:13,307:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): ccp.netcup.net:443
2021-12-30 19:12:13,431:DEBUG:urllib3.connectionpool:https://ccp.netcup.net:443 "POST /run/webservice/servers/endpoint.php?JSON HTTP/1.1" 200 228
2021-12-30 19:12:13,434:DEBUG:lexicon.providers.netcup:infoDnsZone({'domainname': 'pw-local.MYDOMAIN'})
2021-12-30 19:12:13,437:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): ccp.netcup.net:443
2021-12-30 19:12:13,563:DEBUG:urllib3.connectionpool:https://ccp.netcup.net:443 "POST /run/webservice/servers/endpoint.php?JSON HTTP/1.1" 200 188
2021-12-30 19:12:13,565:DEBUG:lexicon.providers.netcup:login({})
2021-12-30 19:12:13,568:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): ccp.netcup.net:443
2021-12-30 19:12:13,687:DEBUG:urllib3.connectionpool:https://ccp.netcup.net:443 "POST /run/webservice/servers/endpoint.php?JSON HTTP/1.1" 200 228
2021-12-30 19:12:13,690:DEBUG:lexicon.providers.netcup:infoDnsZone({'domainname': 'MYDOMAIN'})
2021-12-30 19:12:13,693:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): ccp.netcup.net:443
2021-12-30 19:12:13,855:DEBUG:urllib3.connectionpool:https://ccp.netcup.net:443 "POST /run/webservice/servers/endpoint.php?JSON HTTP/1.1" 200 231
2021-12-30 19:12:13,858:DEBUG:lexicon.providers.netcup:infoDnsRecords({'domainname': 'MYDOMAIN'})
2021-12-30 19:12:13,861:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): ccp.netcup.net:443
2021-12-30 19:12:14,018:DEBUG:urllib3.connectionpool:https://ccp.netcup.net:443 "POST /run/webservice/servers/endpoint.php?JSON HTTP/1.1" 200 609
2021-12-30 19:12:14,021:DEBUG:lexicon.providers.netcup:delete_records: ['46085145']
2021-12-30 19:12:14,022:DEBUG:lexicon.providers.netcup:updateDnsRecords({'domainname': 'MYDOMAIN', 'dnsrecordset': {'dnsrecords': [{'id': '46085145', 'hostname': '_acme-challenge.pw-local.MYDOMAIN', 'type': 'TXT', 'priority': '0', 'destination': '2NBiB4cFU1DhLuTbcruAEusKe0rQiUxSHbrA5FmA2no', 'deleterecord': True, 'state': 'unknown'}]}})
2021-12-30 19:12:14,025:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): ccp.netcup.net:443
2021-12-30 19:12:14,201:DEBUG:urllib3.connectionpool:https://ccp.netcup.net:443 "POST /run/webservice/servers/endpoint.php?JSON HTTP/1.1" 200 574
2021-12-30 19:12:14,204:DEBUG:lexicon.providers.netcup:delete_record: True
2021-12-30 19:12:14,204:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
  File "/opt/certbot/bin/certbot", line 8, in <module>
    sys.exit(main())
  File "/opt/certbot/lib/python3.7/site-packages/certbot/main.py", line 19, in main
    return internal_main.main(cli_args)
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/main.py", line 1632, in main
    return config.func(config, plugins)
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/main.py", line 1491, in certonly
    lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/main.py", line 139, in _get_and_save_cert
    lineage = le_client.obtain_and_enroll_certificate(domains, certname)
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/client.py", line 496, in obtain_and_enroll_certificate
    cert, chain, key, _ = self.obtain_certificate(domains)
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/client.py", line 424, in obtain_certificate
    orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/client.py", line 476, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/auth_handler.py", line 105, in handle_authorizations
    self._poll_authorizations(authzrs, max_retries, best_effort)
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/auth_handler.py", line 205, in _poll_authorizations
    raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.
2021-12-30 19:12:14,206:ERROR:certbot._internal.log:Some challenges have failed.

Is the destination pw-local.MYDOMAIN in Netcup correct? Do I need a token there?
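
A way to read a log like the one above mechanically (an added example, not code from the thread or from certbot): it compares the TXT value the DNS plugin published with the value the CA reports having read at the same name. The sample lines are constructed from the log with the domain replaced by `example.test`; the function names and verdict labels are assumptions, and the "No TXT record found" case goes beyond what this log shows.

```python
import ast
import re

# Constructed sample: lines modelled on the certbot debug log in this thread,
# with the domain replaced by example.test.
SAMPLE_LOG = r'''
2021-12-30 19:12:01,778:DEBUG:lexicon.providers.netcup:updateDnsRecords({'domainname': 'example.test', 'dnsrecordset': {'dnsrecords': [{'type': 'TXT', 'hostname': '_acme-challenge.pw-local', 'destination': '2NBiB4cFU1DhLuTbcruAEusKe0rQiUxSHbrA5FmA2no'}]}})
        "detail": "Incorrect TXT record \"pw-local.example.test\" found at _acme-challenge.pw-local.example.test",
  Detail: Incorrect TXT record "pw-local.example.test" found at _acme-challenge.pw-local.example.test
2021-12-30 19:12:14,022:DEBUG:lexicon.providers.netcup:updateDnsRecords({'domainname': 'example.test', 'dnsrecordset': {'dnsrecords': [{'id': '46085145', 'hostname': '_acme-challenge.pw-local.example.test', 'type': 'TXT', 'priority': '0', 'destination': '2NBiB4cFU1DhLuTbcruAEusKe0rQiUxSHbrA5FmA2no', 'deleterecord': True, 'state': 'unknown'}]}})
'''

# lexicon logs the API call as a Python dict repr, so it can be parsed safely
# with ast.literal_eval instead of being picked apart by regex.
UPDATE_RE = re.compile(r"lexicon\.providers\.\w+:updateDnsRecords\((\{.*\})\)\s*$")
# The CA's detail string appears twice: JSON-escaped and in the user notice.
INCORRECT_RE = re.compile(
    r'Incorrect TXT record \\?"(?P<seen>.*?)\\?" found at (?P<name>[A-Za-z0-9_.-]+)')
MISSING_RE = re.compile(r'No TXT record found at (?P<name>[A-Za-z0-9_.-]+)')


def _fqdn(host, zone):
    """The plugin logs hostnames both relative to the zone and fully qualified."""
    host = host.lower().rstrip(".")
    if host == zone or host.endswith("." + zone):
        return host
    return f"{host}.{zone}"


def published_txt(log_text):
    """Map FQDN -> set of TXT values the DNS plugin created (deletions skipped)."""
    out = {}
    for line in log_text.splitlines():
        m = UPDATE_RE.search(line)
        if not m:
            continue
        try:
            call = ast.literal_eval(m.group(1))
        except (ValueError, SyntaxError):
            continue  # truncated or redacted line
        zone = call.get("domainname", "").lower().rstrip(".")
        for rec in call.get("dnsrecordset", {}).get("dnsrecords", []):
            if rec.get("type") != "TXT" or rec.get("deleterecord"):
                continue
            name = _fqdn(rec.get("hostname", ""), zone)
            out.setdefault(name, set()).add(rec.get("destination", ""))
    return out


def diagnose(log_text):
    """Return one finding per distinct CA complaint about a dns-01 TXT record."""
    published = published_txt(log_text)
    findings, seen_keys = [], set()
    for line in log_text.splitlines():
        m = INCORRECT_RE.search(line)
        ca_saw = m.group("seen") if m else None
        if not m:
            m = MISSING_RE.search(line)
        if not m:
            continue
        name = m.group("name").lower().rstrip(".")
        if (name, ca_saw) in seen_keys:
            continue  # same complaint, repeated in JSON and in the notice
        seen_keys.add((name, ca_saw))
        ours = sorted(published.get(name, ()))
        if ca_saw is None:
            verdict = "not-visible"          # CA found no TXT at all
        elif ca_saw in ours:
            verdict = "published-value-rejected"
        else:
            verdict = "foreign-record"       # CA read a value the plugin never wrote
        findings.append({"name": name, "ca_saw": ca_saw,
                         "published": ours, "verdict": verdict})
    return findings


if __name__ == "__main__":
    for f in diagnose(SAMPLE_LOG):
        print(f)
```

A `foreign-record` verdict means the TXT answer at the `_acme-challenge` name came from a record other than the one the plugin created; here the value the CA read is the same string the report says was entered as the destination of the manually added TXT entry.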

19:12:01,333:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): ccp.netcup.net:443 2021-12-30 19:12:01,455:DEBUG:urllib3.connectionpool:https://ccp.netcup.net:443 "POST /run/webservice/servers/endpoint.php?JSON HTTP/1.1" 200 228 2021-12-30 19:12:01,458:DEBUG:lexicon.providers.netcup:infoDnsZone({'domainname': 'MYDOMAIN'}) 2021-12-30 19:12:01,462:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): ccp.netcup.net:443 2021-12-30 19:12:01,619:DEBUG:urllib3.connectionpool:https://ccp.netcup.net:443 "POST /run/webservice/servers/endpoint.php?JSON HTTP/1.1" 200 231 2021-12-30 19:12:01,621:DEBUG:lexicon.providers.netcup:infoDnsRecords({'domainname': 'MYDOMAIN'}) 2021-12-30 19:12:01,626:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): ccp.netcup.net:443 2021-12-30 19:12:01,775:DEBUG:urllib3.connectionpool:https://ccp.netcup.net:443 "POST /run/webservice/servers/endpoint.php?JSON HTTP/1.1" 200 556 2021-12-30 19:12:01,778:DEBUG:lexicon.providers.netcup:list_records: [] 2021-12-30 19:12:01,778:DEBUG:lexicon.providers.netcup:updateDnsRecords({'domainname': 'MYDOMAIN', 'dnsrecordset': {'dnsrecords': [{'type': 'TXT', 'hostname': '_acme-challenge.pw-local', 'destination': '2NBiB4cFU1DhLuTbcruAEusKe0rQiUxSHbrA5FmA2no'}]}}) 2021-12-30 19:12:01,781:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): ccp.netcup.net:443 2021-12-30 19:12:01,963:DEBUG:urllib3.connectionpool:https://ccp.netcup.net:443 "POST /run/webservice/servers/endpoint.php?JSON HTTP/1.1" 200 630 2021-12-30 19:12:01,967:DEBUG:lexicon.providers.netcup:create_record: True 2021-12-30 19:12:01,968:DEBUG:certbot._internal.display.obj:Notifying user: Waiting 10 seconds for DNS changes to propagate 2021-12-30 19:12:11,975:DEBUG:acme.client:JWS payload: b'{}' 2021-12-30 19:12:11,978:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/63454505270/OVgjzg: { "protected": 
"eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTIzMTg0NzY2IiwgIm5vbmNlIjogIjAwMDFkbEs2a0ZZQ1NJZlMtQ1pTcDZrLUplcW16RjdMWFFvdUNyQndTRDI3U3VNIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My82MzQ1NDUwNTI3MC9PVmdqemcifQ", "signature": "SKOK8Q9OVA5QFJvF7MUcwLRQ2W8ROqvO4TNDj-dmMVMmTUQR9eVIyIbfsTnv0JnPkKYifxKoq0Uhj2zR1oyzzX9W1SJamZKm42JL-PzbIl74XZuuIh6lUr2Kfp59u0AlCG7SmzOgjfaX_v8JiTzo2JO3WAQds95VK6ubRB04Qc0NLFRazAqmZ8VZ0Rszb1-fnCMPjWeh75FdVlB4J94zltGBHy2AyJeNr9ejNRJ7iSQu-7ezpq3ksZH2SyDLtxr-pgK-jIg-058PsEVY_rAPb2FXcfPS7jIB83OV3nKjHc8J69Y1IacTprFjZ05JoKEPGEUyQ46YSC5oflGIqu_6eg", "payload": "e30" } 2021-12-30 19:12:12,140:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/63454505270/OVgjzg HTTP/1.1" 200 185 2021-12-30 19:12:12,141:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 30 Dec 2021 18:12:12 GMT Content-Type: application/json Content-Length: 185 Connection: keep-alive Boulder-Requester: 123184766 Cache-Control: public, max-age=0, no-cache Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index", <https://acme-v02.api.letsencrypt.org/acme/authz-v3/63454505270>;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/63454505270/OVgjzg Replay-Nonce: 00015aiLQ3YBDwgPmuKYvwxLBcvPd7RMVOcfvxzbZZZELd0 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/63454505270/OVgjzg", "token": "PnQ-9yfbSFqqlB7l554FX6c42_Gp6-kwVZRakCgd8gs" } 2021-12-30 19:12:12,141:DEBUG:acme.client:Storing nonce: 00015aiLQ3YBDwgPmuKYvwxLBcvPd7RMVOcfvxzbZZZELd0 2021-12-30 19:12:12,142:INFO:certbot._internal.auth_handler:Waiting for verification... 
2021-12-30 19:12:13,143:DEBUG:acme.client:JWS payload: b'' 2021-12-30 19:12:13,145:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/63454505270: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTIzMTg0NzY2IiwgIm5vbmNlIjogIjAwMDE1YWlMUTNZQkR3Z1BtdUtZdnd4TEJjdlBkN1JNVk9jZnZ4emJaWlpFTGQwIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My82MzQ1NDUwNTI3MCJ9", "signature": "Vzw4RH_ozwN-mYCh30yD41Gi2DlevWIrPUw6hSFMaJ10wtJkcapJSwiESV6llZx7BSXi-OEEjEcEB9p1jI3Xq2IqauL73fQd-ikFb_zmjVlivB1ctXWYLhDG3uqRQFRY9uah59WbGCvqmKkye_BbVx0MSYq6byulPearhtQqfv4bliw22MCYsckCGY2XOq0erOMmDIviFGCm7-uZml58Av2AmvFKwyZAlzMUx1rUfAQZ_A87VhpCllD5MpAooJ32Rz5CCYwYEEcPu4D_-LFemtZsTrnadNAP85U5WMnHuEVctCE69cKMwXE9UB8bTTdwv05HDFzFfnY_Tp7Vyk-aoQ", "payload": "" } 2021-12-30 19:12:13,299:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/63454505270 HTTP/1.1" 200 630 2021-12-30 19:12:13,300:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 30 Dec 2021 18:12:13 GMT Content-Type: application/json Content-Length: 630 Connection: keep-alive Boulder-Requester: 123184766 Cache-Control: public, max-age=0, no-cache Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index" Replay-Nonce: 0002mzyGvUaEzF2zq8T9kNtnXjSAg5p7N5kKhweHg-WKETI X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "pw-local.MYDOMAIN" }, "status": "invalid", "expires": "2022-01-06T18:12:00Z", "challenges": [ { "type": "dns-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Incorrect TXT record \"pw-local.MYDOMAIN\" found at _acme-challenge.pw-local.MYDOMAIN", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/63454505270/OVgjzg", "token": "PnQ-9yfbSFqqlB7l554FX6c42_Gp6-kwVZRakCgd8gs", "validated": 
"2021-12-30T18:12:12Z" } ] } 2021-12-30 19:12:13,300:DEBUG:acme.client:Storing nonce: 0002mzyGvUaEzF2zq8T9kNtnXjSAg5p7N5kKhweHg-WKETI 2021-12-30 19:12:13,300:INFO:certbot._internal.auth_handler:Challenge failed for domain pw-local.MYDOMAIN 2021-12-30 19:12:13,301:INFO:certbot._internal.auth_handler:dns-01 challenge for pw-local.MYDOMAIN 2021-12-30 19:12:13,301:DEBUG:certbot._internal.display.obj:Notifying user: Certbot failed to authenticate some domains (authenticator: dns-netcup). The Certificate Authority reported these problems: Domain: pw-local.MYDOMAIN Type: unauthorized Detail: Incorrect TXT record "pw-local.MYDOMAIN" found at _acme-challenge.pw-local.MYDOMAIN Hint: The Certificate Authority failed to verify the DNS TXT records created by --dns-netcup. Ensure the above domains are hosted by this DNS provider, or try increasing --dns-netcup-propagation-seconds (currently 10 seconds). 2021-12-30 19:12:13,303:DEBUG:certbot._internal.error_handler:Encountered exception: Traceback (most recent call last): File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/auth_handler.py", line 105, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/auth_handler.py", line 205, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 
2021-12-30 19:12:13,303:DEBUG:certbot._internal.error_handler:Calling registered functions 2021-12-30 19:12:13,303:INFO:certbot._internal.auth_handler:Cleaning up challenges 2021-12-30 19:12:13,304:DEBUG:lexicon.providers.netcup:login({}) 2021-12-30 19:12:13,307:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): ccp.netcup.net:443 2021-12-30 19:12:13,431:DEBUG:urllib3.connectionpool:https://ccp.netcup.net:443 "POST /run/webservice/servers/endpoint.php?JSON HTTP/1.1" 200 228 2021-12-30 19:12:13,434:DEBUG:lexicon.providers.netcup:infoDnsZone({'domainname': 'pw-local.MYDOMAIN'}) 2021-12-30 19:12:13,437:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): ccp.netcup.net:443 2021-12-30 19:12:13,563:DEBUG:urllib3.connectionpool:https://ccp.netcup.net:443 "POST /run/webservice/servers/endpoint.php?JSON HTTP/1.1" 200 188 2021-12-30 19:12:13,565:DEBUG:lexicon.providers.netcup:login({}) 2021-12-30 19:12:13,568:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): ccp.netcup.net:443 2021-12-30 19:12:13,687:DEBUG:urllib3.connectionpool:https://ccp.netcup.net:443 "POST /run/webservice/servers/endpoint.php?JSON HTTP/1.1" 200 228 2021-12-30 19:12:13,690:DEBUG:lexicon.providers.netcup:infoDnsZone({'domainname': 'MYDOMAIN'}) 2021-12-30 19:12:13,693:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): ccp.netcup.net:443 2021-12-30 19:12:13,855:DEBUG:urllib3.connectionpool:https://ccp.netcup.net:443 "POST /run/webservice/servers/endpoint.php?JSON HTTP/1.1" 200 231 2021-12-30 19:12:13,858:DEBUG:lexicon.providers.netcup:infoDnsRecords({'domainname': 'MYDOMAIN'}) 2021-12-30 19:12:13,861:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): ccp.netcup.net:443 2021-12-30 19:12:14,018:DEBUG:urllib3.connectionpool:https://ccp.netcup.net:443 "POST /run/webservice/servers/endpoint.php?JSON HTTP/1.1" 200 609 2021-12-30 19:12:14,021:DEBUG:lexicon.providers.netcup:delete_records: ['46085145'] 2021-12-30 
19:12:14,022:DEBUG:lexicon.providers.netcup:updateDnsRecords({'domainname': 'MYDOMAIN', 'dnsrecordset': {'dnsrecords': [{'id': '46085145', 'hostname': '_acme-challenge.pw-local.MYDOMAIN', 'type': 'TXT', 'priority': '0', 'destination': '2NBiB4cFU1DhLuTbcruAEusKe0rQiUxSHbrA5FmA2no', 'deleterecord': True, 'state': 'unknown'}]}}) 2021-12-30 19:12:14,025:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): ccp.netcup.net:443 2021-12-30 19:12:14,201:DEBUG:urllib3.connectionpool:https://ccp.netcup.net:443 "POST /run/webservice/servers/endpoint.php?JSON HTTP/1.1" 200 574 2021-12-30 19:12:14,204:DEBUG:lexicon.providers.netcup:delete_record: True 2021-12-30 19:12:14,204:DEBUG:certbot._internal.log:Exiting abnormally: Traceback (most recent call last): File "/opt/certbot/bin/certbot", line 8, in <module> sys.exit(main()) File "/opt/certbot/lib/python3.7/site-packages/certbot/main.py", line 19, in main return internal_main.main(cli_args) File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/main.py", line 1632, in main return config.func(config, plugins) File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/main.py", line 1491, in certonly lineage = _get_and_save_cert(le_client, config, domains, certname, lineage) File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/main.py", line 139, in _get_and_save_cert lineage = le_client.obtain_and_enroll_certificate(domains, certname) File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/client.py", line 496, in obtain_and_enroll_certificate cert, chain, key, _ = self.obtain_certificate(domains) File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/client.py", line 424, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/client.py", line 476, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, self.config, 
best_effort) File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/auth_handler.py", line 105, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/auth_handler.py", line 205, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2021-12-30 19:12:14,206:ERROR:certbot._internal.log:Some challenges have failed. ``` Is the destination in Netcup correct pw-local.MYDOMAIN? Do I need a token there?

@chaptergy commented on GitHub (Jan 1, 2022):

Hm, it's weird that it is an incorrect TXT record and not just no record at all. Have you tried increasing the propagation seconds? By default they seem to be just 10 seconds which might not be enough.


@TWART016 commented on GitHub (Jan 1, 2022):

I set propagation to 300 seconds but it runs into a timeout.

What should the TXT record look like?


@sumadark commented on GitHub (Jan 13, 2022):

Hi everybody,

I have a similar issue, trying to get a new certificate for a subdomain. Here is the content of letsencrypt.log:

```
2022-01-13 09:57:12,250:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
  File "/opt/certbot/bin/certbot", line 8, in <module>
    sys.exit(main())
  File "/opt/certbot/lib/python3.7/site-packages/certbot/main.py", line 19, in main
    return internal_main.main(cli_args)
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/main.py", line 1632, in main
    return config.func(config, plugins)
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/main.py", line 1472, in certonly
    installer, auth = plug_sel.choose_configurator_plugins(config, plugins, "certonly")
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/plugins/selection.py", line 210, in choose_configurator_plugins
    req_auth, req_inst = cli_plugin_requests(config)
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/plugins/selection.py", line 305, in cli_plugin_requests
    req_auth = set_configurator(req_auth, "dns-cloudflare")
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/plugins/selection.py", line 276, in set_configurator
    raise errors.PluginSelectionError(msg.format(repr(previously), repr(now)))
certbot.errors.PluginSelectionError: Too many flags setting configurators/installers/authenticators 'webroot' -> 'dns-cloudflare'
2022-01-13 09:57:12,251:ERROR:certbot._internal.log:Too many flags setting configurators/installers/authenticators 'webroot' -> 'dns-cloudflare'
```

Here is my docker compose:

```yml
version: '2'
services:
  app:
    image: 'jc21/nginx-proxy-manager:latest'
    restart: unless-stopped
    ports:
      - '80:80'
      - '81:81'
      - '443:443'
    environment:
      DB_MYSQL_HOST: "db"
      DB_MYSQL_PORT: 3306
      DB_MYSQL_USER: "npm"
      DB_MYSQL_PASSWORD: "npm"
      DB_MYSQL_NAME: "npm"
      DNS_CLOUDFLARE_CREDENTIALS: "/cloudflare.ini"

    volumes:
      - ./data:/data
      - ./letsencrypt:/etc/letsencrypt
      - ./log:/var/log/letsencrypt
      - ./letsencrypt.ini:/etc/letsencrypt.ini:rw
      - ./cloudflare.ini:/cloudflare.ini:ro
  db:
    ports:
      - '3307:3306'
    image: 'mariadb'
    restart: unless-stopped
    environment:
      MYSQL_ROOT_PASSWORD: 'npm'
      MYSQL_DATABASE: 'npm'
      MYSQL_USER: 'npm'
      MYSQL_PASSWORD: 'npm'
    volumes:
      - ./data/mysql:/var/lib/mysql
```

If someone has an idea about this issue, I would be very glad to read it. Thanks!


@chaptergy commented on GitHub (Jan 13, 2022):

@sumadark Your problem has nothing to do with the problem discussed in this issue, you are not even using netcup as the domain provider. And I'm pretty sure your issue is due to your own custom `letsencrypt.ini` and maybe in conjunction with the `cloudflare.ini`, not sure what that is for. Though we cannot provide support for that.


@sumadark commented on GitHub (Jan 13, 2022):

> @sumadark Your problem has nothing to do with the problem discussed in this issue, you are not even using netcup as the domain provider. And I'm pretty sure your issue is due to your own custom `letsencrypt.ini` and maybe in conjunction with the `cloudflare.ini`, not sure what that is for. Though we cannot provide support for that.

Thanks for your reply...


@nickibyte commented on GitHub (Mar 3, 2022):

This might be a bit late, but for the sake of maybe closing the issue here is what I found when fixing a similar problem with the DNS challenge for the provider netcup:

> Also I added a TXT entry with Destination: pw-local.MYDOMAIN.

I believe the reason the DNS challenge failed with the _"Incorrect TXT record"_ error is that @TWART016 **manually** created the `_acme-challenge.pw-local.mydomain.de` TXT record **with the destination `pw-local.MYDOMAIN`**. This record will be automatically created by certbot with a string it gets from Let's Encrypt as the destination and will be deleted after the DNS challenge has been completed. That is why the API key and password are needed, to create/delete this TXT record.

So to fix the issue with the DNS challenge:

  1. Delete the manually created `_acme-challenge.pw-local.mydomain.de` TXT record
  2. Redo the DNS challenge with the Propagation Seconds set to `480` (this number worked for me, the default was way too short and I got a _"No TXT record"_ error)

After 8-10 minutes you should have your certificate.
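
The failure modes reported in this thread can be told apart from the certbot debug log alone, by pairing the TXT value the plugin published (`updateDnsRecords`) with the value the CA says it saw. The following is an added example, not part of the original thread and not certbot or NPM code: the function names and verdict labels are this example's own, the log excerpts are copied from the posts in this issue, and the `No TXT record found at` wording is assumed for the error mentioned in the comment above.

```python
import ast
import base64
import hashlib
import re

# Excerpts copied from the certbot debug logs posted in this thread;
# MYDOMAIN and <domain> are the posters' own redactions.
LOG_2021 = r"""
2021-12-30 19:12:01,778:DEBUG:lexicon.providers.netcup:updateDnsRecords({'domainname': 'MYDOMAIN', 'dnsrecordset': {'dnsrecords': [{'type': 'TXT', 'hostname': '_acme-challenge.pw-local', 'destination': '2NBiB4cFU1DhLuTbcruAEusKe0rQiUxSHbrA5FmA2no'}]}})
"detail": "Incorrect TXT record \"pw-local.MYDOMAIN\" found at _acme-challenge.pw-local.MYDOMAIN",
"""
LOG_2023 = """
  Detail: DNS problem: SERVFAIL looking up TXT for _acme-challenge.home.<domain>.de - the domain's nameservers may be malfunctioning
"""

_UPDATE = re.compile(r"lexicon\.providers\.\w+:updateDnsRecords\((\{.*\})\)\s*$")
_INCORRECT = re.compile(r'Incorrect TXT record \\?"([^"\\]*)\\?" found at ([\w.<>-]+)')
_MISSING = re.compile(r"No TXT record found at ([\w.<>-]+)")  # assumed wording
_SERVFAIL = re.compile(r"SERVFAIL looking up TXT for ([\w.<>-]+)")

# What each verdict label (this example's own naming) points to.
ADVICE = {
    "foreign-txt-record": "a TXT record that is not an ACME digest sits at the challenge name; delete it",
    "stale-challenge-value": "a digest certbot did not publish in this run is still being served",
    "published-value-rejected": "the CA saw the published value and still rejected it",
    "not-propagated": "the CA saw no record; raise the propagation seconds",
    "nameserver-failure": "the zone's nameservers answered SERVFAIL",
}


def dns01_txt_value(token: str, account_thumbprint: str) -> str:
    """RFC 8555 section 8.4: base64url(SHA-256(token + '.' + thumbprint)), unpadded."""
    digest = hashlib.sha256(f"{token}.{account_thumbprint}".encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


def is_dns01_digest(value: str) -> bool:
    """True if value has the shape of a dns-01 TXT value (43 base64url chars, 32 bytes)."""
    if not re.fullmatch(r"[A-Za-z0-9_-]{43}", value):
        return False
    return len(base64.urlsafe_b64decode(value + "=")) == 32


def published_records(log: str) -> dict:
    """Map challenge FQDN -> set of TXT values the plugin created (deletions skipped)."""
    out = {}
    for line in log.splitlines():
        match = _UPDATE.search(line)
        if not match:
            continue
        call = ast.literal_eval(match.group(1))  # the plugin logs a Python dict repr
        zone = call["domainname"]
        for rec in call["dnsrecordset"]["dnsrecords"]:
            if rec.get("type") != "TXT" or rec.get("deleterecord"):
                continue
            host = rec["hostname"]  # relative on create, absolute on delete
            fqdn = host if host.endswith("." + zone) else f"{host}.{zone}"
            out.setdefault(fqdn, set()).add(rec["destination"])
    return out


def diagnose(log: str) -> list:
    """Return (challenge_name, verdict) pairs for every DNS problem the CA reported."""
    published = published_records(log)
    findings = []
    for line in log.splitlines():
        if m := _INCORRECT.search(line):
            seen, name = m.groups()
            if seen in published.get(name, set()):
                verdict = "published-value-rejected"
            elif is_dns01_digest(seen):
                verdict = "stale-challenge-value"
            else:
                verdict = "foreign-txt-record"
        elif m := _MISSING.search(line):
            name, verdict = m.group(1), "not-propagated"
        elif m := _SERVFAIL.search(line):
            name, verdict = m.group(1), "nameserver-failure"
        else:
            continue
        if (name, verdict) not in findings:
            findings.append((name, verdict))
    return findings


if __name__ == "__main__":
    for label, log in (("2021 log", LOG_2021), ("2023 log", LOG_2023)):
        for name, verdict in diagnose(log):
            print(f"{label}: {name}: {verdict} ({ADVICE[verdict]})")
```

A valid dns-01 value is always a 43-character digest, so a hostname such as `pw-local.MYDOMAIN` at the challenge name can never satisfy the CA, whatever the propagation delay.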


@LukasOchmann commented on GitHub (Mar 26, 2023):

I have a similar issue, and I tried to set the propagation to 480 but that runs into a timeout then ... Is there a way to increase the timeout?
I can see that certbot is creating the `__acme-challenge.<subdomain>` as a TXT record in netcup.


@LukasOchmann commented on GitHub (Mar 26, 2023):

The content of the log file `/var/log/letsencrypt/letsencrypt.log`:

```
Certbot failed to authenticate some domains (authenticator: dns-netcup). The Certificate Authority reported these problems:
  Domain: home.<domain>.de
  Type:   dns
  Detail: DNS problem: SERVFAIL looking up TXT for _acme-challenge.home.<domain>.de - the domain's nameservers may be malfunctioning

Hint: The Certificate Authority failed to verify the DNS TXT records created by --dns-netcup. Ensure the above domains are hosted by this DNS provider, or try increasing --dns-netcup-propagation-seconds (currently 480 seconds).

2023-03-26 15:06:27,010:DEBUG:certbot._internal.error_handler:Encountered exception:
Traceback (most recent call last):
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/auth_handler.py", line 108, in handle_authorizations
    self._poll_authorizations(authzrs, max_retries, max_time_mins, best_effort)
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/auth_handler.py", line 212, in _poll_authorizations
    raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.

2023-03-26 15:06:27,010:DEBUG:certbot._internal.error_handler:Calling registered functions
2023-03-26 15:06:27,010:INFO:certbot._internal.auth_handler:Cleaning up challenges
2023-03-26 15:06:27,014:DEBUG:lexicon.providers.netcup:login({})
2023-03-26 15:06:27,017:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): ccp.netcup.net:443
2023-03-26 15:06:27,145:DEBUG:urllib3.connectionpool:https://ccp.netcup.net:443 "POST /run/webservice/servers/endpoint.php?JSON HTTP/1.1" 200 229
2023-03-26 15:06:27,149:DEBUG:lexicon.providers.netcup:infoDnsZone({'domainname': 'home.<domain>.de'})
2023-03-26 15:06:27,153:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): ccp.netcup.net:443
2023-03-26 15:06:27,277:DEBUG:urllib3.connectionpool:https://ccp.netcup.net:443 "POST /run/webservice/servers/endpoint.php?JSON HTTP/1.1" 200 187
2023-03-26 15:06:27,281:DEBUG:lexicon.providers.netcup:login({})
2023-03-26 15:06:27,285:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): ccp.netcup.net:443
2023-03-26 15:06:27,413:DEBUG:urllib3.connectionpool:https://ccp.netcup.net:443 "POST /run/webservice/servers/endpoint.php?JSON HTTP/1.1" 200 229
2023-03-26 15:06:27,417:DEBUG:lexicon.providers.netcup:infoDnsZone({'domainname': '<domain>.de'})
2023-03-26 15:06:27,421:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): ccp.netcup.net:443
2023-03-26 15:06:27,562:DEBUG:urllib3.connectionpool:https://ccp.netcup.net:443 "POST /run/webservice/servers/endpoint.php?JSON HTTP/1.1" 200 241
2023-03-26 15:06:27,566:DEBUG:lexicon.providers.netcup:infoDnsRecords({'domainname': '<domain>.de'})
2023-03-26 15:06:27,570:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): ccp.netcup.net:443
2023-03-26 15:06:27,700:DEBUG:urllib3.connectionpool:https://ccp.netcup.net:443 "POST /run/webservice/servers/endpoint.php?JSON HTTP/1.1" 200 458
2023-03-26 15:06:27,704:DEBUG:lexicon.providers.netcup:delete_records: ['69102461']
2023-03-26 15:06:27,704:DEBUG:lexicon.providers.netcup:updateDnsRecords({'domainname': '<domain>.de', 'dnsrecordset': {'dnsrecords': [{'id': '69102461', 'hostname': '_acme-challenge.home.<domain>.de', 'type': 'TXT', 'priority': '0', 'destination': '<TXT_RECORD-entry', 'deleterecord': True, 'state': 'yes'}]}})
2023-03-26 15:06:27,708:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): ccp.netcup.net:443
2023-03-26 15:06:27,872:DEBUG:urllib3.connectionpool:https://ccp.netcup.net:443 "POST /run/webservice/servers/endpoint.php?JSON HTTP/1.1" 200 411
2023-03-26 15:06:27,876:DEBUG:lexicon.providers.netcup:delete_record: True
2023-03-26 15:06:27,877:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
  File "/usr/bin/certbot", line 8, in <module>
    sys.exit(main())
  File "/opt/certbot/lib/python3.7/site-packages/certbot/main.py", line 19, in main
    return internal_main.main(cli_args)
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/main.py", line 1864, in main
    return config.func(config, plugins)
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/main.py", line 1597, in certonly
    lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/main.py", line 141, in _get_and_save_cert
    lineage = le_client.obtain_and_enroll_certificate(domains, certname)
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/client.py", line 516, in obtain_and_enroll_certificate
    cert, chain, key, _ = self.obtain_certificate(domains)
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/client.py", line 428, in obtain_certificate
    orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/client.py", line 496, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/auth_handler.py", line 108, in handle_authorizations
    self._poll_authorizations(authzrs, max_retries, max_time_mins, best_effort)
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/auth_handler.py", line 212, in _poll_authorizations
    raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.
2023-03-26 15:06:27,880:ERROR:certbot._internal.log:Some challenges have failed.
```

@bernhardkaindl commented on GitHub (Nov 15, 2023):

Same here. I opened https://github.com/coldfix/certbot-dns-netcup/issues/28 to let https://github.com/coldfix/certbot-dns-netcup pick a default time which should work. It needs to be above 600 as the zone reload time of Netcup is 10 minutes, confirmed by many in Netcup's customer forum.

@LukasOchmann https://pypi.org/project/certbot-dns-netcup/ says at least 600 seconds is needed for Netcup (and likely even then may need some tries), and 900 seconds should really work.

On the Nginx-proxy-manager side, the Nginx-proxy-manager Web UI should be fixed to not time out after just a minute to allow for longer DNS Challenge propagation times:

Currently, it shows a red error bar long before that, but `certbot` thankfully continues to wait for 900 seconds and finishes its work.

While waiting, to check the status, you can open a shell in the container and run `tail -f /tmp/letsencrypt-log/letsencrypt.log`

After you see the successful `certbot` completion in the log, just reload the Nginx Proxy Manager web UI and you should see your proxy as `Online`.

https://github.com/coldfix/certbot-dns-netcup

See https://github.com/coldfix/certbot-dns-netcup/issues/28

Update: As confirmed in German forum discussions in forum.netcup.de, the observation of customers is that Netcup runs the actual DNS zone updates every 15 minutes, apparently on a cron-like schedule each hour, seemingly like starting at minute 00, 15, 30 and 45.
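
The timing argument in the comment above, worked through as an added example (not code from the commenter, certbot-dns-netcup or Nginx Proxy Manager). It assumes the quarter-hour reload schedule reported there as a customer observation; the function names and the `margin` parameter are hypothetical.

```python
from datetime import datetime

# Assumed: zone reloads at minute 00, 15, 30, 45 (customer observation quoted above).
RELOAD_PERIOD = 15 * 60

def seconds_until_next_reload(now: datetime) -> int:
    """Seconds from `now` to the next quarter-hour reload.

    A record created exactly on a boundary is assumed to miss that reload.
    """
    sec_of_hour = now.minute * 60 + now.second
    return RELOAD_PERIOD - (sec_of_hour % RELOAD_PERIOD)

def wait_is_sufficient(created_at: datetime, propagation_seconds: int, margin: int = 0) -> bool:
    """True if the propagation wait outlasts the next reload.

    `margin` is an assumed allowance for the reload itself taking time.
    """
    return propagation_seconds - margin >= seconds_until_next_reload(created_at)

def success_fraction(propagation_seconds: int, margin: int = 0) -> float:
    """Share of record-creation times in one 15-minute cycle that the wait covers."""
    hits = sum(1 for s in range(RELOAD_PERIOD)
               if propagation_seconds - margin >= RELOAD_PERIOD - s)
    return hits / RELOAD_PERIOD

def delay_before_start(now: datetime, propagation_seconds: int, margin: int = 0) -> int:
    """Seconds to hold off launching certbot so a short wait still spans a reload."""
    budget = propagation_seconds - margin
    if budget <= 0:
        raise ValueError("propagation wait must exceed the margin")
    return max(0, seconds_until_next_reload(now) - budget)

if __name__ == "__main__":
    # 480, 600 and 900 are the propagation values that appear in this thread.
    for wait in (480, 600, 900):
        print(f"{wait:4d}s wait covers {success_fraction(wait):.0%} of start times")
    now = datetime(2024, 1, 1, 12, 1, 0)  # constructed timestamp
    print("hold-off for a 600s wait at 12:01:", delay_before_start(now, 600), "s")
```

Under this model a wait shorter than the full 900-second cycle only succeeds when the TXT record happens to be created late enough in the cycle, which matches the "may need some tries" experience with 600 seconds.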


@github-actions[bot] commented on GitHub (Jun 26, 2024):

Issue is now considered stale. If you want to keep it open, please comment 👍


@github-actions[bot] commented on GitHub (Apr 13, 2025):

Issue is now considered stale. If you want to keep it open, please comment 👍


@bernhardkaindl commented on GitHub (Jul 24, 2025):

This should be fixed with #28.


@github-actions[bot] commented on GitHub (Feb 21, 2026):

Issue is now considered stale. If you want to keep it open, please comment 👍
