[GH-ISSUE #226] Cannot generate letsencrypt certificate "Internal Error" #198

Closed
opened 2026-02-26 06:31:23 +03:00 by kerem · 3 comments

Originally created by @dbrosy on GitHub (Nov 2, 2019).
Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/226

Ok I don't understand why this doesn't work.

I have created nginx proxy manager with 80, 81 and 443 open to public. I am trying to secure dashboard on port 81 with proxy.<example.com> (<example.com> not my real domain)

image

I can browse to http(s)://proxy.example.com and see login page.
If I try to create an SSL cert for my domain I get "internal error" with the following in logs:

image

docker-compose.yml:

```
version: "3"
services:
  app:
    image: jc21/nginx-proxy-manager:2.0.14
    container_name: nginx-proxy
    restart: always
    ports:
      - "80:80"
      - "443:443"
      - "81:81"
    networks:
      - proxy
    volumes:
      - ./config.json:/app/config/production.json
      - ./data:/data
      - ./letsencrypt:/etc/letsencrypt
    depends_on:
      - db
    environment:
      # if you want pretty colors in your docker logs:
      - FORCE_COLOR=1
  db:
    image: mariadb:10.3
    container_name: nginx-db
    restart: always
    # publishes MariaDB on the host; the app container reaches "db" over the
    # shared "proxy" network without this mapping
    ports:
      - 3306:3306
    environment:
      MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD}
      MYSQL_DATABASE: ${MYSQL_DATABASE}
      MYSQL_USER: ${MYSQL_USER}
      MYSQL_PASSWORD: ${MYSQL_PASSWORD}
    networks:
      - proxy
    volumes:
      - ./data/mysql:/var/lib/mysql
#  portainer:
#    image: portainer/portainer
#    container_name: portainer
#    command: -H unix:///var/run/docker.sock
#    restart: always
#    environment:
#      - VIRTUAL_HOST=${VIRTUAL_HOST}
#    networks:
#      - proxy
#    volumes:
#      - /var/run/docker.sock:/var/run/docker.sock
#      - portainer_data:/data

networks:
  proxy:

#volumes:
#  portainer_data:
```

config.json

```
{
  "database": {
    "engine": "mysql",
    "host": "db",
    "name": "npm",
    "user": "npm",
    "password": "npm",
    "port": 3306
  }
}
```

The error seems to be related to /.well-known/acme-challenge/...

What am I doing wrong?

I would like to create certs for any domain I point to my proxy

kerem closed this issue and added the bug label on 2026-02-26 06:31:23 +03:00.

@dbrosy commented on GitHub (Nov 7, 2019):

ok after looking at this for days it looks like my gateway / firewall is causing issue


@dbrosy commented on GitHub (Nov 7, 2019):

Just an update, I discovered it was caused by a QNAP NAS using UPnP on 80 and 443.


@emass-sec commented on GitHub (Jan 1, 2020):

> ok after looking at this for days it looks like my gateway / firewall is causing issue

Same, I turned off port 80 on my firewall recently and then connected the dots that's why I couldn't generate LetsEncrypt certificates in NPM anymore. Opened port 80 to NPM server again, and bam, able to generate certs again. Anyone know why it needs port 80?
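
An added example, not part of the thread or of Nginx Proxy Manager's code: Let's Encrypt's HTTP-01 validation fetches `/.well-known/acme-challenge/<token>` over plain HTTP on port 80, so this check places a probe file and reports whether that port is unreachable or is answered by something other than the proxy. The function names are hypothetical, and the two local servers are constructed stand-ins for the proxy and for another device holding port 80.

```python
import http.server, secrets, tempfile, threading
import urllib.error, urllib.request
from functools import partial
from pathlib import Path

CHALLENGE_DIR = ".well-known/acme-challenge"
# Ignore any http_proxy environment setting so the probe goes straight to the host.
OPENER = urllib.request.build_opener(urllib.request.ProxyHandler({}))

class Quiet(http.server.SimpleHTTPRequestHandler):
    def log_message(self, *args):  # suppress per-request logging
        pass

def place_probe(webroot):
    """Write a random probe file where an HTTP-01 token would be served from."""
    token, body = secrets.token_urlsafe(16), secrets.token_urlsafe(32)
    folder = Path(webroot) / CHALLENGE_DIR
    folder.mkdir(parents=True, exist_ok=True)
    (folder / token).write_text(body)
    return token, body

def check_http01(base_url, token, expected, timeout=5):
    """Fetch the probe over plain HTTP, the way the CA's validator fetches a token."""
    url = f"{base_url}/{CHALLENGE_DIR}/{token}"
    try:
        with OPENER.open(url, timeout=timeout) as resp:
            got = resp.read().decode(errors="replace").strip()
    except urllib.error.HTTPError as exc:  # something answered, but not with our file
        return f"wrong-responder: HTTP {exc.code}"
    except OSError as exc:                 # refused, filtered or timed out
        return f"unreachable: {exc}"
    return "ok" if got == expected else "wrong-responder: body mismatch"

def serve(directory):
    """Constructed stand-in: a local web server on a free port."""
    srv = http.server.ThreadingHTTPServer(("127.0.0.1", 0), partial(Quiet, directory=directory))
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv

def demo():
    """Same probe, two responders: the proxy's webroot and an unrelated device."""
    with tempfile.TemporaryDirectory() as webroot, tempfile.TemporaryDirectory() as other:
        token, body = place_probe(webroot)
        servers = {"proxy": serve(webroot), "other-device": serve(other)}
        results = {name: check_http01(f"http://127.0.0.1:{s.server_address[1]}", token, body)
                   for name, s in servers.items()}
        for s in servers.values():
            s.shutdown(); s.server_close()
        return results

if __name__ == "__main__":
    print(demo())
```

Against a real deployment, call `check_http01` from a host outside the network with `base_url` set to `http://<your-domain>`, after placing the probe in the directory the proxy serves challenges from.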
