starred/nginx-proxy-manager-NginxProxyManager
1
0
Fork 0
mirror of https://github.com/NginxProxyManager/nginx-proxy-manager.git synced 2026-04-25 09:25:55 +03:00
Code Issues 937 Projects Releases 10 Packages Wiki Activity

[GH-ISSUE #2537] Namecheap Let's Encrypt Certifiacte - Unable to determine zone identifier #1773

New issue
Closed
opened 2026-02-26 07:32:24 +03:00 by kerem · 8 comments
kerem commented 2026-02-26 07:32:24 +03:00
Owner
Copy link

Originally created by @Redwid on GitHub (Jan 12, 2023).
Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/2537

Checklist

  • Have you pulled and found the error with jc21/nginx-proxy-manager:latest docker image?
    • Yes
  • Are you sure you're not using someone else's docker image?
    • Yes
  • Have you searched for similar issues (both open and closed)?
    • Yes

Describe the bug
I'm trying to set up Namecheap Let's Encrypt Certificate. Unfortunately with no success.
Getting that error message in UI:
Error: Command failed: certbot certonly --config "/etc/letsencrypt.ini" --cert-name "npm-38" --agree-tos --email "my-emai-is-herel@gmail.com" --domains "*.my-domain-is-here.com,my-domain-is-here.com" --authenticator dns-namecheap --dns-namecheap-credentials "/etc/letsencrypt/credentials/credentials-38" Saving debug log to /var/log/letsencrypt/letsencrypt.log Unable to determine zone identifier for my-domain-is-here.com using zone names: ['my-domain-is-here.com', 'com'] Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details. at ChildProcess.exithandler (node:child_process:402:12) at ChildProcess.emit (node:events:513:28) at maybeClose (node:internal/child_process:1100:16) at Process.ChildProcess._handle.onexit (node:internal/child_process:304:5)

Nginx Proxy Manager Version
2.9.19

To Reproduce
Steps to reproduce the behavior:

  1. Go to 'SSL Certificates'
  2. Click on 'Add SSL Certificate' -> "Let's Encrypt'
  3. Fill in your domains names: my-domain-is-here.com and *.my-domain-is-here.com
  4. Fill in your email address for Let's Encrypt
  5. Select Use a DNS Challenge
  6. Select Namecheap DNC Provider
  7. Put your name to dns_namecheap_username
  8. Put Nmaecheap api key to dns_namecheap_api_key
  9. Select I agree
  10. Click Save
  11. Observ error message

Expected behavior
Successful certificate retrial

Screenshots

Operating System
Mac OS 12.5.1, Safari 15.6.1 ,Firefox 102.06esr

Additional context
I have certbot set up on my host mashie. It could successfully fetch certificates. I could import that in npm UI.
So certbot is working for me in manual mode with using TXT_RECORD _acme-challenge.

The certbot in container has a strange logs:
2023-01-12 15:15:31,571:DEBUG:certbot._internal.log:Exiting abnormally: Traceback (most recent call last): File "/usr/local/bin/certbot", line 8, in <module> sys.exit(main()) File "/usr/local/lib/python3.7/dist-packages/certbot/main.py", line 19, in main return internal_main.main(cli_args) File "/usr/local/lib/python3.7/dist-packages/certbot/_internal/main.py", line 1736, in main return config.func(config, plugins) File "/usr/local/lib/python3.7/dist-packages/certbot/_internal/main.py", line 1590, in certonly lineage = _get_and_save_cert(le_client, config, domains, certname, lineage) File "/usr/local/lib/python3.7/dist-packages/certbot/_internal/main.py", line 138, in _get_and_save_cert lineage = le_client.obtain_and_enroll_certificate(domains, certname) File "/usr/local/lib/python3.7/dist-packages/certbot/_internal/client.py", line 516, in obtain_and_enroll_certificate cert, chain, key, _ = self.obtain_certificate(domains) File "/usr/local/lib/python3.7/dist-packages/certbot/_internal/client.py", line 428, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/local/lib/python3.7/dist-packages/certbot/_internal/client.py", line 496, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort) File "/usr/local/lib/python3.7/dist-packages/certbot/_internal/auth_handler.py", line 88, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/local/lib/python3.7/dist-packages/certbot/plugins/dns_common.py", line 76, in perform self._perform(domain, validation_domain_name, validation) File "/usr/local/lib/python3.7/dist-packages/certbot_dns_namecheap/dns_namecheap.py", line 62, in _perform self._get_namecheap_client().add_txt_record(domain, validation_name, validation) File "/usr/local/lib/python3.7/dist-packages/certbot/plugins/dns_common_lexicon.py", line 47, in add_txt_record self._find_domain_id(domain) File "/usr/local/lib/python3.7/dist-packages/certbot/plugins/dns_common_lexicon.py", line 110, in _find_domain_id .format(domain, domain_name_guesses)) certbot.errors.PluginError: Unable to determine zone identifier for my-domain-is-here.com using zone names: ['my-domain-is-here.com', 'com'] 2023-01-12 15:15:31,572:ERROR:certbot._internal.log:Unable to determine zone identifier for my-domain-is-here.com using zone names: ['my-domain-is-here.com', 'com']

Please note domain was edited to my-domain-is-here term

Originally created by @Redwid on GitHub (Jan 12, 2023). Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/2537 <!-- Are you in the right place? - If you are looking for support on how to get your upstream server forwarding, please consider asking the community on Reddit. - If you are writing code changes to contribute and need to ask about the internals of the software, Gitter is the best place to ask. - If you think you found a bug with NPM (not Nginx, or your upstream server or MySql) then you are in the *right place.* --> **Checklist** - Have you pulled and found the error with `jc21/nginx-proxy-manager:latest` docker image? - Yes - Are you sure you're not using someone else's docker image? - Yes - Have you searched for similar issues (both open and closed)? - Yes **Describe the bug** I'm trying to set up Namecheap Let's Encrypt Certificate. Unfortunately with no success. Getting that error message in UI: `Error: Command failed: certbot certonly --config "/etc/letsencrypt.ini" --cert-name "npm-38" --agree-tos --email "my-emai-is-herel@gmail.com" --domains "*.my-domain-is-here.com,my-domain-is-here.com" --authenticator dns-namecheap --dns-namecheap-credentials "/etc/letsencrypt/credentials/credentials-38" Saving debug log to /var/log/letsencrypt/letsencrypt.log Unable to determine zone identifier for my-domain-is-here.com using zone names: ['my-domain-is-here.com', 'com'] Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details. at ChildProcess.exithandler (node:child_process:402:12) at ChildProcess.emit (node:events:513:28) at maybeClose (node:internal/child_process:1100:16) at Process.ChildProcess._handle.onexit (node:internal/child_process:304:5)` **Nginx Proxy Manager Version** 2.9.19 **To Reproduce** Steps to reproduce the behavior: 1. Go to 'SSL Certificates' 2. Click on 'Add SSL Certificate' -> "Let's Encrypt' 3. Fill in your domains names: my-domain-is-here.com and *.my-domain-is-here.com 4. Fill in your email address for Let's Encrypt 5. Select Use a DNS Challenge 6. Select Namecheap DNC Provider 7. Put your name to dns_namecheap_username 8. Put Nmaecheap api key to dns_namecheap_api_key 9. Select I agree 10. Click Save 11. Observ error message **Expected behavior** Successful certificate retrial **Screenshots** <!-- If applicable, add screenshots to help explain your problem. --> **Operating System** Mac OS 12.5.1, Safari 15.6.1 ,Firefox 102.06esr **Additional context** I have certbot set up on my host mashie. It could successfully fetch certificates. I could import that in npm UI. So certbot is working for me in manual mode with using TXT_RECORD _acme-challenge. The certbot in container has a strange logs: `2023-01-12 15:15:31,571:DEBUG:certbot._internal.log:Exiting abnormally: Traceback (most recent call last): File "/usr/local/bin/certbot", line 8, in <module> sys.exit(main()) File "/usr/local/lib/python3.7/dist-packages/certbot/main.py", line 19, in main return internal_main.main(cli_args) File "/usr/local/lib/python3.7/dist-packages/certbot/_internal/main.py", line 1736, in main return config.func(config, plugins) File "/usr/local/lib/python3.7/dist-packages/certbot/_internal/main.py", line 1590, in certonly lineage = _get_and_save_cert(le_client, config, domains, certname, lineage) File "/usr/local/lib/python3.7/dist-packages/certbot/_internal/main.py", line 138, in _get_and_save_cert lineage = le_client.obtain_and_enroll_certificate(domains, certname) File "/usr/local/lib/python3.7/dist-packages/certbot/_internal/client.py", line 516, in obtain_and_enroll_certificate cert, chain, key, _ = self.obtain_certificate(domains) File "/usr/local/lib/python3.7/dist-packages/certbot/_internal/client.py", line 428, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/local/lib/python3.7/dist-packages/certbot/_internal/client.py", line 496, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort) File "/usr/local/lib/python3.7/dist-packages/certbot/_internal/auth_handler.py", line 88, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/local/lib/python3.7/dist-packages/certbot/plugins/dns_common.py", line 76, in perform self._perform(domain, validation_domain_name, validation) File "/usr/local/lib/python3.7/dist-packages/certbot_dns_namecheap/dns_namecheap.py", line 62, in _perform self._get_namecheap_client().add_txt_record(domain, validation_name, validation) File "/usr/local/lib/python3.7/dist-packages/certbot/plugins/dns_common_lexicon.py", line 47, in add_txt_record self._find_domain_id(domain) File "/usr/local/lib/python3.7/dist-packages/certbot/plugins/dns_common_lexicon.py", line 110, in _find_domain_id .format(domain, domain_name_guesses)) certbot.errors.PluginError: Unable to determine zone identifier for my-domain-is-here.com using zone names: ['my-domain-is-here.com', 'com'] 2023-01-12 15:15:31,572:ERROR:certbot._internal.log:Unable to determine zone identifier for my-domain-is-here.com using zone names: ['my-domain-is-here.com', 'com']` Please note domain was edited to my-domain-is-here term
kerem 2026-02-26 07:32:24 +03:00
  • closed this issue
  • added the
    stale
    bug
         labels
kerem commented 2026-02-26 07:32:24 +03:00
Author
Owner
Copy link

@Kathou99 commented on GitHub (Jan 15, 2023):

I have the same error

<!-- gh-comment-id:1383245904 --> @Kathou99 commented on GitHub (Jan 15, 2023): I have the same error
kerem commented 2026-02-26 07:32:24 +03:00
Author
Owner
Copy link

@Kathou99 commented on GitHub (Jan 16, 2023):

@Redwid Please check if the port 80 is not bing used and is open to the internet (outside world)

<!-- gh-comment-id:1383293901 --> @Kathou99 commented on GitHub (Jan 16, 2023): @Redwid Please check if the port 80 is not bing used and is open to the internet (outside world)
kerem commented 2026-02-26 07:32:24 +03:00
Author
Owner
Copy link

@dmmackay commented on GitHub (Mar 19, 2023):

Have you added your IP to the Whitelisted IPs in Namecheap? This fixed it for me.

<!-- gh-comment-id:1475055395 --> @dmmackay commented on GitHub (Mar 19, 2023): Have you added your IP to the Whitelisted IPs in Namecheap? This fixed it for me.
kerem commented 2026-02-26 07:32:24 +03:00
Author
Owner
Copy link

@hakunamatata97k commented on GitHub (May 1, 2023):

@dmmackay @Redwid how did you get the API key from Namecheap could you please tell me?

<!-- gh-comment-id:1530536972 --> @hakunamatata97k commented on GitHub (May 1, 2023): @dmmackay @Redwid how did you get the API key from Namecheap could you please tell me?
kerem commented 2026-02-26 07:32:24 +03:00
Author
Owner
Copy link

@Bovive commented on GitHub (Jun 6, 2023):

Have you added your IP to the Whitelisted IPs in Namecheap? This fixed it for me.

I know this is an old bug, but thanks for stating that. It also fixed it for me! If anyone needs the reference, here is the documentation from Namecheap on how to do it.

<!-- gh-comment-id:1577785315 --> @Bovive commented on GitHub (Jun 6, 2023): > Have you added your IP to the Whitelisted IPs in Namecheap? This fixed it for me. I know this is an old bug, but thanks for stating that. It also fixed it for me! If anyone needs the reference, here is the [documentation](https://www.namecheap.com/support/api/intro/#:~:text=your%20Namecheap%20account.-,Go%20to%20the%20Profile%20%3E%20Tools%20menu.,and%20proceed%20with%20Save%20Changes.) from Namecheap on how to do it.
kerem commented 2026-02-26 07:32:24 +03:00
Author
Owner
Copy link

@jmaximusix commented on GitHub (Sep 1, 2023):

I have the same isssue, but just for clarification, does someone know whether you need namecheaps sandbox or production API Key? I'm assuming production, but I've tried both without success

[Edit]
It was my mistake, it did work for me, I accidentally used the sandboxed API twice. It does work with the normal API from namecheap, however you need at least 50$ in your balance to activate it, but I was able to deposit 50$, activate the API and then get it refunded through support (API access stays). Just be aware that whoever you entrust this API key with (in this case nginx proxy manager) is theoretically able to buy and sell domains in your name with that API as it inevitably has all these permissions

<!-- gh-comment-id:1703105151 --> @jmaximusix commented on GitHub (Sep 1, 2023): I have the same isssue, but just for clarification, does someone know whether you need namecheaps sandbox or production API Key? I'm assuming production, but I've tried both without success [Edit] It was my mistake, it did work for me, I accidentally used the sandboxed API twice. It does work with the normal API from namecheap, however you need at least 50$ in your balance to activate it, but I was able to deposit 50$, activate the API and then get it refunded through support (API access stays). Just be aware that whoever you entrust this API key with (in this case nginx proxy manager) is theoretically able to buy and sell domains in your name with that API as it inevitably has all these permissions
kerem commented 2026-02-26 07:32:24 +03:00
Author
Owner
Copy link

@github-actions[bot] commented on GitHub (Apr 20, 2024):

Issue is now considered stale. If you want to keep it open, please comment 👍

<!-- gh-comment-id:2067508495 --> @github-actions[bot] commented on GitHub (Apr 20, 2024): Issue is now considered stale. If you want to keep it open, please comment :+1:
kerem commented 2026-02-26 07:32:24 +03:00
Author
Owner
Copy link

@github-actions[bot] commented on GitHub (Jun 13, 2025):

Issue was closed due to inactivity.

<!-- gh-comment-id:2968775374 --> @github-actions[bot] commented on GitHub (Jun 13, 2025): Issue was closed due to inactivity.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
develop
dependabot/npm_and_yarn/backend/liquidjs-10.25.7
dependabot/npm_and_yarn/frontend/prod-minor-updates-2a16bf3987
dependabot/npm_and_yarn/frontend/dev-patch-updates-754666cf41
dependabot/npm_and_yarn/backend/basic-ftp-5.3.0
dependabot/npm_and_yarn/test/follow-redirects-1.16.0
dependabot/npm_and_yarn/test/axios-1.15.0
dependabot/npm_and_yarn/frontend/lodash-4.18.1
dependabot/npm_and_yarn/backend/lodash-4.18.1
dependabot/npm_and_yarn/test/lodash-4.18.1
dependabot/npm_and_yarn/frontend/vite-7.3.2
dependabot/npm_and_yarn/backend/prod-minor-updates-5ec19a7f21
dependabot/npm_and_yarn/frontend/lodash-es-4.18.1
dependabot/npm_and_yarn/frontend/happy-dom-20.8.9
dependabot/npm_and_yarn/backend/path-to-regexp-8.4.0
dependabot/npm_and_yarn/frontend/picomatch-4.0.4
dependabot/npm_and_yarn/backend/picomatch-2.3.2
dependabot/npm_and_yarn/frontend/yaml-1.10.3
dependabot/npm_and_yarn/test/flatted-3.4.2
dependabot/npm_and_yarn/test/tar-7.5.11
dependabot/npm_and_yarn/frontend/immutable-5.1.5
master
dependabot/npm_and_yarn/test/glob-10.5.0
dependabot/npm_and_yarn/frontend/mdast-util-to-hast-13.2.1
dependabot/npm_and_yarn/test/form-data-4.0.4
v3-abandoned
bump-freedns
openidc
ssl-passthrough-hosts
static-content
v2.14.0
v2.13.7
v2.13.6
v2.13.5
v2.13.4
v2.13.3
v2.13.2
v2.13.1
v2.13.0
v2.12.6
v2.12.5
v2.12.4
v2.12.3
v2.12.2
v2.12.1
v2.12.0
v2.11.3
v2.11.2
v2.11.1
v2.11.0
v2.10.4
v2.10.3
v2.10.2
v2.10.1
v2.10.0
v2.9.22
v2.9.21
v2.9.20
v2.9.19
v2.9.18
v2.9.17
v2.9.16
v2.9.15
v2.9.14
v2.9.13
v2.9.12
v2.9.11
v2.9.10
v2.9.9
v2.9.8
v2.9.7
v2.9.6
v2.9.5
v2.9.4
v2.9.3
v2.9.2
v2.9.1
v2.9.0
v2.8.1
v2.8.0
v2.7.3
v2.7.2
v2.7.1
v2.7.0
v2.6.2
v2.6.1
v2.6.0
v2.5.0
v2.4.0
v2.3.1
v2.3.0
v2.2.4
v2.2.3
v2.2.2
v2.2.1
v2.2.0
v2.1.2
v2.1.1
v2.1.0
2.0.14
2.0.13
2.0.12
2.0.11
2.0.10
2.0.9
2.0.8
2.0.7
2.0.6
2.0.5
2.0.4
2.0.3
2.0.2
2.0.0
v2.0.0
1.1.2
1.1.1
1.0.1
Labels
Clear labels   
awaiting feedback

   
bug

   
cannot reproduce

   
dns provider request

   
duplicate

   
enhancement

   
enhancement

   
enhancement

   
good first issue

   
help wanted

   
invalid

   
need more info

   
no certbot plugin available

   
product-support

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
stale

   
troll

   
upstream issue

   
v2

   
v2

   
v2

   
v3

   
wontfix
No labels
awaiting feedback
bug
cannot reproduce
dns provider request
duplicate
enhancement
enhancement
enhancement
good first issue
help wanted
invalid
need more info
no certbot plugin available
product-support
pull-request
question
stale
troll
upstream issue
v2
v2
v2
v3
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/nginx-proxy-manager-NginxProxyManager#1773
No description provided.