[GH-ISSUE #2439] Unable to check for site reachability/create SSLs on Debian 11 #1712

New issue

Open

opened 2026-02-26 07:32:09 +03:00 by kerem · 17 comments

kerem commented 2026-02-26 07:32:09 +03:00

Owner

Copy link

Originally created by @dnburgess on GitHub (Nov 29, 2022).
Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/2439

Checklist

• Have you pulled and found the error with jc21/nginx-proxy-manager:latest docker image? Yes
• Are you sure you're not using someone else's docker image? Yes
• Have you searched for similar issues (both open and closed)? Yes

Describe the bug
When trying to "Test Server Reachability", I get the following error on the dashboard:
Communication with the API failed, is NPM running correctly?

When looking into the container logs, I get this error:

QueryBuilder#allowEager method is deprecated. You should use allowGraph instead. allowEager method will be removed in 3.0
QueryBuilder#eager method is deprecated. You should use the withGraphFetched method instead. eager method will be removed in 3.0
QueryBuilder#omit is deprecated. This method will be removed in version 3.0
Model#$omit is deprected and will be removed in 3.0.
[11/29/2022] [4:59:56 PM] [SSL ] › ℹ info Testing http challenge for pics.mysite.com
Uncaught SyntaxError: Unexpected end of JSON input
FROM
./run: line 19: 331 Trace/breakpoint trap (core dumped) node --abort_on_uncaught_exception --max_old_space_size=250 index.js

Nginx Proxy Manager Version
v2.9.19

To Reproduce
Steps to reproduce the behavior:

1. Go to add SSL
2. Click on Let's Encrypt
3. Add Domain
4. Click "Test Server Reachability"
5. See error

Expected behavior
I expect it to tell me whether or not it can reach the domain so I can generate the SSL.
This has only started happening recently

Operating System
Debian 11 on Linode

Additional context
I've also tried downgrading as far down as 2.9.15 just to troubleshoot. I'm able to use the sites that were up prior to the issues starting, but I'm unable to add any additional SSLs, which prevents me from adding more domains.

Originally created by @dnburgess on GitHub (Nov 29, 2022). Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/2439 **Checklist** - Have you pulled and found the error with `jc21/nginx-proxy-manager:latest` docker image? Yes - Are you sure you're not using someone else's docker image? Yes - Have you searched for similar issues (both open and closed)? Yes **Describe the bug** When trying to "Test Server Reachability", I get the following error on the dashboard: Communication with the API failed, is NPM running correctly? When looking into the container logs, I get this error: `QueryBuilder#allowEager` method is deprecated. You should use `allowGraph` instead. `allowEager` method will be removed in 3.0 `QueryBuilder#eager` method is deprecated. You should use the `withGraphFetched` method instead. `eager` method will be removed in 3.0 QueryBuilder#omit is deprecated. This method will be removed in version 3.0 Model#$omit is deprected and will be removed in 3.0. [11/29/2022] [4:59:56 PM] [SSL ] › ℹ info Testing http challenge for pics.mysite.com Uncaught SyntaxError: Unexpected end of JSON input FROM ./run: line 19: 331 Trace/breakpoint trap (core dumped) node --abort_on_uncaught_exception --max_old_space_size=250 index.js **Nginx Proxy Manager Version** v2.9.19 **To Reproduce** Steps to reproduce the behavior: 1. Go to add SSL 2. Click on Let's Encrypt 3. Add Domain 4. Click "Test Server Reachability" 5. See error **Expected behavior** I expect it to tell me whether or not it can reach the domain so I can generate the SSL. This has only started happening recently **Operating System** Debian 11 on Linode **Additional context** I've also tried downgrading as far down as 2.9.15 just to troubleshoot. I'm able to use the sites that were up prior to the issues starting, but I'm unable to add any additional SSLs, which prevents me from adding more domains.

kerem added the

stale

bug

labels 2026-02-26 07:32:09 +03:00

kerem commented 2026-02-26 07:32:10 +03:00

Author

Owner

Copy link

@danny6167 commented on GitHub (Nov 29, 2022):

Also getting hit by this.
The code is calling an external API here, and when that API fails and returns a non-json formated response the process crashes as the exception isn't handled.

github.com/NginxProxyManager/nginx-proxy-manager@fd30cfe98b/backend/internal/certificate.js (L1169)

<!-- gh-comment-id:1331080500 --> @danny6167 commented on GitHub (Nov 29, 2022): Also getting hit by this. The code is calling an external API here, and when that API fails and returns a non-json formated response the process crashes as the exception isn't handled. https://github.com/NginxProxyManager/nginx-proxy-manager/blob/fd30cfe98bba365e9630a791bdc86f01c08c6fa1/backend/internal/certificate.js#L1169

kerem commented 2026-02-26 07:32:10 +03:00

Author

Owner

Copy link

@dnburgess commented on GitHub (Nov 29, 2022):

Turns out that I'm still able to pull SSLs, but not able to see if the domain is reachable. Not sure about much else at this point...

<!-- gh-comment-id:1331083054 --> @dnburgess commented on GitHub (Nov 29, 2022): Turns out that I'm still able to pull SSLs, but not able to see if the domain is reachable. Not sure about much else at this point...

kerem commented 2026-02-26 07:32:10 +03:00

Author

Owner

Copy link

@TEALC82 commented on GitHub (Nov 30, 2022):

Hello I have the same problem. I reinstalled everything but no change.

<!-- gh-comment-id:1331809794 --> @TEALC82 commented on GitHub (Nov 30, 2022): Hello I have the same problem. I reinstalled everything but no change.

kerem commented 2026-02-26 07:32:10 +03:00

Author

Owner

Copy link

@javierhuerta commented on GitHub (Dec 1, 2022):

Hello i have the same problem.

<!-- gh-comment-id:1334228225 --> @javierhuerta commented on GitHub (Dec 1, 2022): Hello i have the same problem.

kerem commented 2026-02-26 07:32:10 +03:00

Author

Owner

Copy link

@tgaertner commented on GitHub (Jan 10, 2023):

Same problem, installed NPM yesterday on my server. Can't even create my first ssl cert - this makes this software quite useless...

<!-- gh-comment-id:1377753331 --> @tgaertner commented on GitHub (Jan 10, 2023): Same problem, installed NPM yesterday on my server. Can't even create my first ssl cert - this makes this software quite useless...

kerem commented 2026-02-26 07:32:10 +03:00

Author

Owner

Copy link

@danny6167 commented on GitHub (Jan 10, 2023):

The site reachability test fails, but the actual SSL certificate issuing should work fine.

<!-- gh-comment-id:1377809809 --> @danny6167 commented on GitHub (Jan 10, 2023): The site reachability test fails, but the actual SSL certificate issuing should work fine.

kerem commented 2026-02-26 07:32:10 +03:00

Author

Owner

Copy link

@tgaertner commented on GitHub (Jan 10, 2023):

@danny6167 Yea! You are right. Never tried it before since the check failed :-) Finally I have ssl available for my domains. Thanks for this hint. Saved my day :-)

<!-- gh-comment-id:1377847266 --> @tgaertner commented on GitHub (Jan 10, 2023): @danny6167 Yea! You are right. Never tried it before since the check failed :-) Finally I have ssl available for my domains. Thanks for this hint. Saved my day :-)

kerem commented 2026-02-26 07:32:10 +03:00

Author

Owner

Copy link

@fritzmg commented on GitHub (Apr 5, 2023):

The site reachability test fails, but the actual SSL certificate issuing should work fine.

Yep, can confirm that as well.

<!-- gh-comment-id:1497358513 --> @fritzmg commented on GitHub (Apr 5, 2023): > The site reachability test fails, but the actual SSL certificate issuing should work fine. Yep, can confirm that as well.

kerem commented 2026-02-26 07:32:10 +03:00

Author

Owner

Copy link

@FroggMaster commented on GitHub (Apr 6, 2023):

I can confirm that I encounter the same error: "Communication with the API failed, is NPM running correctly?" with the "Test Server Reachability" on the latest build 2.10.2.

I am wondering if @jc21 requires any additional information for troubleshooting to correct this. If I can provide anything that might help I'll be happy to do so! :)

<!-- gh-comment-id:1498790241 --> @FroggMaster commented on GitHub (Apr 6, 2023): I can confirm that I encounter the same error: "Communication with the API failed, is NPM running correctly?" with the "Test Server Reachability" on the latest build 2.10.2. I am wondering if @jc21 requires any additional information for troubleshooting to correct this. If I can provide anything that might help I'll be happy to do so! :)

kerem commented 2026-02-26 07:32:10 +03:00

Author

Owner

Copy link

@etymotic commented on GitHub (Sep 4, 2023):

If anyone wants to give this a try:

My setup is NPM docker running on the same virtual machine as all of my other docker stuff. I use AdGueard Home, with a DNS rewrite of *.mydomain.com - > Local IP of NPM. I figured there was probably some sort of problem of NPM trying to reach stuff but just getting redirected and never leaving my LAN...

So I set up wireguard in the virtual machine that runs all of my docker stuff. I have a subscription to AirVPN and used their config generator. With the VPN connected, I'm able to add/renew certificates.

My guess is that the VPN forces traffic to leave my LAN, which helps things renew properly. Either that, or it just randomly started working while I was messing around with it.

<!-- gh-comment-id:1704473119 --> @etymotic commented on GitHub (Sep 4, 2023): If anyone wants to give this a try: My setup is NPM docker running on the same virtual machine as all of my other docker stuff. I use AdGueard Home, with a DNS rewrite of *.mydomain.com - > Local IP of NPM. I figured there was probably some sort of problem of NPM trying to reach stuff but just getting redirected and never leaving my LAN... So I set up wireguard in the virtual machine that runs all of my docker stuff. I have a subscription to AirVPN and used their config generator. With the VPN connected, I'm able to add/renew certificates. My guess is that the VPN forces traffic to leave my LAN, which helps things renew properly. Either that, or it just randomly started working while I was messing around with it.

kerem commented 2026-02-26 07:32:10 +03:00

Author

Owner

Copy link

@github-actions[bot] commented on GitHub (Apr 22, 2024):

Issue is now considered stale. If you want to keep it open, please comment 👍

<!-- gh-comment-id:2068345688 --> @github-actions[bot] commented on GitHub (Apr 22, 2024): Issue is now considered stale. If you want to keep it open, please comment :+1:

kerem commented 2026-02-26 07:32:10 +03:00

Author

Owner

Copy link

@arsenicks commented on GitHub (May 13, 2024):

Adding the ability to use a custom dns server for the test would probably be the easiest fix for this. I think a lot of people are using a local dns server that resolv to local ip. If the prompt would let us set an external dns server to use, that would fix the issue.

<!-- gh-comment-id:2107492185 --> @arsenicks commented on GitHub (May 13, 2024): Adding the ability to use a custom dns server for the test would probably be the easiest fix for this. I think a lot of people are using a local dns server that resolv to local ip. If the prompt would let us set an external dns server to use, that would fix the issue.

kerem commented 2026-02-26 07:32:10 +03:00

Author

Owner

Copy link

@danny6167 commented on GitHub (May 13, 2024):

The test that is failing in this issue report is not DNS based.

That would be an entirely different type of test and wouldn't actually test reachability.

<!-- gh-comment-id:2107562755 --> @danny6167 commented on GitHub (May 13, 2024): The test that is failing in this issue report is not DNS based. That would be an entirely different type of test and wouldn't actually test reachability.

kerem commented 2026-02-26 07:32:10 +03:00

Author

Owner

Copy link

@github-actions[bot] commented on GitHub (Jan 20, 2025):

Issue is now considered stale. If you want to keep it open, please comment 👍

<!-- gh-comment-id:2601174125 --> @github-actions[bot] commented on GitHub (Jan 20, 2025): Issue is now considered stale. If you want to keep it open, please comment :+1:

kerem commented 2026-02-26 07:32:10 +03:00

Author

Owner

Copy link

@theking2 commented on GitHub (Feb 16, 2025):

Let's encrypt reachability is done over port 80. So you

1. have to make sure port 80 is mapped to the external port of you container/server
2. if it is a docker container make sure the external port is mapped to port 80 of the container.

In my case

1. the docker maps port 9080 to port 80 of npm
2. I had to make sure the internet router NAT mapped port 80 to port 9080 of the host of the container

In short from extern to intern

ip	port	device	na
wan ip	80	router	9080
docker ip	9080	npm	80

The intermediate port is not relevant but make sure that in effect the wan:80 port is mapped to the internal:80 port of the docker.

<!-- gh-comment-id:2661595089 --> @theking2 commented on GitHub (Feb 16, 2025): Let's encrypt reachability is done over port 80. So you 1. have to make sure port 80 is mapped to the external port of you container/server 2. if it is a docker container make sure the external port is mapped to port 80 of the container. In my case 1. the docker maps port 9080 to port 80 of npm 2. I had to make sure the internet router NAT mapped port 80 to port 9080 of the host of the container In short from extern to intern ip | port | device | na -- | ---- | ------ | -- wan ip | 80 | router | 9080 docker ip | 9080 | npm | 80 The intermediate port is not relevant but make sure that in effect the wan:80 port is mapped to the internal:80 port of the docker.

kerem commented 2026-02-26 07:32:10 +03:00

Author

Owner

Copy link

@Silicon51 commented on GitHub (May 21, 2025):

So, there's a chance that you have my case: both piHole and NPM as docker containers.
Due to some weird behavior of DNS resolver NPM container do not have access to internet so cannot request for cert.
For me it log errors like Failed to establish a new connection: [Errno -3] Temporary failure in name resolution')': /simple/cloudflare/
Also I have error Failed to check the reachability due to a communication error with site24x7.com nginx proxy when in version 2.12.3 I use option "Test Server Reachability" from tab SSL Certificates.
How to solve it?
add following to your NPM docker compose:

dns:
  - 172.19.0.4 <<pihole IP adress>>
  - 1.1.1.1
  - 8.8.8.8

<!-- gh-comment-id:2899527593 --> @Silicon51 commented on GitHub (May 21, 2025): So, there's a chance that you have my case: both piHole and NPM as docker containers. Due to some weird behavior of DNS resolver NPM container do not have access to internet so cannot request for cert. For me it log errors like `Failed to establish a new connection: [Errno -3] Temporary failure in name resolution')': /simple/cloudflare/` Also I have error `Failed to check the reachability due to a communication error with site24x7.com nginx proxy` when in version 2.12.3 I use option "Test Server Reachability" from tab SSL Certificates. How to solve it? add following to your NPM docker compose: dns: - 172.19.0.4 <<pihole IP adress>> - 1.1.1.1 - 8.8.8.8

kerem commented 2026-02-26 07:32:10 +03:00

Author

Owner

Copy link

@github-actions[bot] commented on GitHub (Dec 2, 2025):

Issue is now considered stale. If you want to keep it open, please comment 👍

<!-- gh-comment-id:3599868082 --> @github-actions[bot] commented on GitHub (Dec 2, 2025): Issue is now considered stale. If you want to keep it open, please comment :+1:

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

develop

dependabot/npm_and_yarn/backend/liquidjs-10.25.7

dependabot/npm_and_yarn/frontend/prod-minor-updates-2a16bf3987

dependabot/npm_and_yarn/frontend/dev-patch-updates-754666cf41

dependabot/npm_and_yarn/backend/basic-ftp-5.3.0

dependabot/npm_and_yarn/test/follow-redirects-1.16.0

dependabot/npm_and_yarn/test/axios-1.15.0

dependabot/npm_and_yarn/frontend/lodash-4.18.1

dependabot/npm_and_yarn/backend/lodash-4.18.1

dependabot/npm_and_yarn/test/lodash-4.18.1

dependabot/npm_and_yarn/frontend/vite-7.3.2

dependabot/npm_and_yarn/backend/prod-minor-updates-5ec19a7f21

dependabot/npm_and_yarn/frontend/lodash-es-4.18.1

dependabot/npm_and_yarn/frontend/happy-dom-20.8.9

dependabot/npm_and_yarn/backend/path-to-regexp-8.4.0

dependabot/npm_and_yarn/frontend/picomatch-4.0.4

dependabot/npm_and_yarn/backend/picomatch-2.3.2

dependabot/npm_and_yarn/frontend/yaml-1.10.3

dependabot/npm_and_yarn/test/flatted-3.4.2

dependabot/npm_and_yarn/test/tar-7.5.11

dependabot/npm_and_yarn/frontend/immutable-5.1.5

master

dependabot/npm_and_yarn/test/glob-10.5.0

dependabot/npm_and_yarn/frontend/mdast-util-to-hast-13.2.1

dependabot/npm_and_yarn/test/form-data-4.0.4

v3-abandoned

bump-freedns

openidc

ssl-passthrough-hosts

static-content

v2.14.0

v2.13.7

v2.13.6

v2.13.5

v2.13.4

v2.13.3

v2.13.2

v2.13.1

v2.13.0

v2.12.6

v2.12.5

v2.12.4

v2.12.3

v2.12.2

v2.12.1

v2.12.0

v2.11.3

v2.11.2

v2.11.1

v2.11.0

v2.10.4

v2.10.3

v2.10.2

v2.10.1

v2.10.0

v2.9.22

v2.9.21

v2.9.20

v2.9.19

v2.9.18

v2.9.17

v2.9.16

v2.9.15

v2.9.14

v2.9.13

v2.9.12

v2.9.11

v2.9.10

v2.9.9

v2.9.8

v2.9.7

v2.9.6

v2.9.5

v2.9.4

v2.9.3

v2.9.2

v2.9.1

v2.9.0

v2.8.1

v2.8.0

v2.7.3

v2.7.2

v2.7.1

v2.7.0

v2.6.2

v2.6.1

v2.6.0

v2.5.0

v2.4.0

v2.3.1

v2.3.0

v2.2.4

v2.2.3

v2.2.2

v2.2.1

v2.2.0

v2.1.2

v2.1.1

v2.1.0

2.0.14

2.0.13

2.0.12

2.0.11

2.0.10

2.0.9

2.0.8

2.0.7

2.0.6

2.0.5

2.0.4

2.0.3

2.0.2

2.0.0

v2.0.0

1.1.2

1.1.1

1.0.1

Labels

Clear labels   

awaiting feedback

  

bug

  

cannot reproduce

  

dns provider request

  

duplicate

  

enhancement

  

enhancement

  

enhancement

  

good first issue

  

help wanted

  

invalid

  

need more info

  

no certbot plugin available

  

product-support

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

stale

  

troll

  

upstream issue

  

v2

  

v2

  

v2

  

v3

  

wontfix

No labels

awaiting feedback

bug

cannot reproduce

dns provider request

duplicate

enhancement

enhancement

enhancement

good first issue

help wanted

invalid

need more info

no certbot plugin available

product-support

pull-request

question

stale

troll

upstream issue

v2

v2

v2

v3

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/nginx-proxy-manager-NginxProxyManager#1712

No description provided.