[GH-ISSUE #4270] can't make a wildcard SSL certificate #2754

Closed
opened 2026-02-26 07:36:41 +03:00 by kerem · 10 comments

Originally created by @Schlotfeldt91 on GitHub (Dec 30, 2024).
Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/4270

Checklist

  • Have you pulled and found the error with jc21/nginx-proxy-manager:latest docker image?
    • Yes
  • Are you sure you're not using someone else's docker image?
    • Yes
  • Have you searched for similar issues (both open and closed)?
    • Yes

Describe the bug

I am trying to make a wildcard certificate and set it up with Cloudflare,
but when it's trying to generate the certificate, I get this error message:


CommandError: Saving debug log to /tmp/letsencrypt-log/letsencrypt.log
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /tmp/letsencrypt-log/letsencrypt.log or re-run Certbot with -v for more details.

at /app/lib/utils.js:16:13
at ChildProcess.exithandler (node:child_process:430:5)
at ChildProcess.emit (node:events:518:28)
at maybeClose (node:internal/child_process:1104:16)
at ChildProcess._handle.onexit (node:internal/child_process:304:5)

And I don't know what that means? The API token is correct and I have tried to reinstall Nginx Proxy Manager a few times now and I get the same error every time. I have also made a new virtual machine to see if that helped, but got the same error.

I am using the docker compose file:


services:
  app:
    image: 'jc21/nginx-proxy-manager:latest'
    restart: unless-stopped
    ports:
      - '80:80'
      - '81:81'
      - '443:443'
    volumes:
      - ./data:/data
      - ./letsencrypt:/etc/letsencrypt

Nginx Proxy Manager Version

v2.12.2 © 2024 jc21.com. Theme by Tabler

To Reproduce
Steps to reproduce the behavior:

  1. Go to '...'
  2. Click on '....'
  3. Scroll down to '....'
  4. See error

Expected behavior

Screenshots

image

Operating System

Distributor ID: Ubuntu
Description: Ubuntu 24.04.1 LTS
Release: 24.04
Codename: noble

Additional context

Docker version 27.4.1, build b9d17ea

kerem 2026-02-26 07:36:41 +03:00
  • closed this issue
  • added the bug label

@timkolloch commented on GitHub (Jan 4, 2025):

I have the same issue trying to use Strato.

Edit

The comment from Loma0815 (https://github.com/NginxProxyManager/nginx-proxy-manager/issues/1154#issuecomment-2378735815) under #1154 solved my problem


@Trust996 commented on GitHub (Jan 9, 2025):

Unfortunately, I have the same problem.
There is a workaround that works.
Hopefully the developers will fix the problem soon :)

Thanks @Loma0815
exec into the container
apt update
apt install pip
apt install nano
pip install certbot-dns-strato==0.2.2 --break-system-packages
cd global/
nano certbot-dns-plugins.json
change the version from Strato 0.2.1 to 0.2.2 and save it
restart the container
Request a new Wildcard within NPM


@Schlotfeldt91 commented on GitHub (Jan 9, 2025):

Okay, I will try that 👍


@Schlotfeldt91 commented on GitHub (Jan 9, 2025):

> Unfortunately, I have the same problem. There is a workaround that works. Hopefully the developers will fix the problem soon :)
>
> Thanks @Loma0815 exec into the container apt update apt install pip apt install nano pip install certbot-dns-strato==0.2.2 --break-system-packages cd global/ nano certbot-dns-plugins.json change the version from Strato 0.2.1 to 0.2.2 and save it restart the container Request a new Wildcard within NPM

Now I have tried what you suggested, but it did not work on my setup.
image
image


@timkolloch commented on GitHub (Jan 10, 2025):

> Now I have tried what you suggested, but it did not work on my setup.

This only solves the problem for the Strato DNS. As you are trying to use Cloudflare, the issue is likely to be with something else.


@Schlotfeldt91 commented on GitHub (Jan 10, 2025):

> > Now I have tried what you suggested, but it did not work on my setup.
>
> This only solves the problem for the Strato DNS. As you are trying to use Cloudflare, the issue is likely to be with something else.

Ahh okay, didn't know it was a DNS 😅


@timkolloch commented on GitHub (Jan 10, 2025):

> > > Now I have tried what you suggested, but it did not work on my setup.
> >
> > This only solves the problem for the Strato DNS. As you are trying to use Cloudflare, the issue is likely to be with something else.
>
> Ahh okay, didn't know it was a DNS 😅

By trying to create a wildcard certificate you are trying to do a DNS-01 challenge (https://letsencrypt.org/docs/challenge-types/#dns-01-challenge), which ensures you are controlling the DNS entry the domain points to, so it needs to access it via your DNS provider :D


@Schlotfeldt91 commented on GitHub (Jan 10, 2025):

> > > > Now I have tried what you suggested, but it did not work on my setup.
> > >
> > > This only solves the problem for the Strato DNS. As you are trying to use Cloudflare, the issue is likely to be with something else.
> >
> > Ahh okay, didn't know it was a DNS 😅
>
> By trying to create a wildcard certificate you are trying to do a DNS-01 challenge (https://letsencrypt.org/docs/challenge-types/#dns-01-challenge), which ensures you are controlling the DNS entry the domain points to, so it needs to access it via your DNS provider :D

I am using the API from Cloudflare and I'm adding that API in Nginx Proxy Manager. So isn't that confirming the ownership of the domain? 😅


@Schlotfeldt91 commented on GitHub (Jan 12, 2025):

I have resolved the issue.

Apparently the public DNS provider wasn't pointing correctly to Cloudflare.
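
An added example, not code from this thread or from Nginx Proxy Manager: it shows why a valid Cloudflare API token alone does not satisfy DNS-01, assuming the fix above refers to the domain's nameserver delegation. The function names, nameserver names, token and thumbprint are constructed for illustration; the inputs stand in for what `dig` would return.

```python
import base64
import hashlib

CLOUDFLARE_NS_SUFFIX = ".ns.cloudflare.com"  # Cloudflare-assigned nameservers end with this


def challenge_name(identifier: str) -> str:
    """Record name the CA queries; a wildcard is validated at its base domain."""
    base = identifier[2:] if identifier.startswith("*.") else identifier
    return "_acme-challenge." + base.rstrip(".").lower()


def txt_value(token: str, account_thumbprint: str) -> str:
    """RFC 8555 section 8.4: unpadded base64url of SHA-256(key authorization)."""
    key_auth = f"{token}.{account_thumbprint}".encode("ascii")
    digest = hashlib.sha256(key_auth).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


def diagnose(delegated_ns, provider_suffix, public_txt, expected):
    """Classify a DNS-01 failure from what public DNS shows.

    delegated_ns    NS names for the zone, e.g. from `dig +short NS example.com`
    provider_suffix nameserver suffix of the provider the API token writes to
    public_txt      TXT strings a public resolver returns for challenge_name()
    """
    hosts = [ns.rstrip(".").lower() for ns in delegated_ns]
    # Any nameserver outside the provider can answer the CA without the record.
    if not hosts or not all(h.endswith(provider_suffix) for h in hosts):
        return "delegation-mismatch"
    if expected not in [t.strip('"') for t in public_txt]:
        return "record-not-visible"
    return "ok"


# Constructed sample values, not taken from the issue.
EXPECTED = txt_value("constructed-token", "constructed-account-thumbprint")
REGISTRAR_NS = ["ns1.registrar.example.", "ns2.registrar.example."]
CLOUDFLARE_NS = ["ada.ns.cloudflare.com.", "bob.ns.cloudflare.com."]

if __name__ == "__main__":
    print(challenge_name("*.example.com"))
    # API call succeeded at Cloudflare, but the domain is still delegated elsewhere.
    print(diagnose(REGISTRAR_NS, CLOUDFLARE_NS_SUFFIX, [], EXPECTED))
    print(diagnose(CLOUDFLARE_NS, CLOUDFLARE_NS_SUFFIX, [f'"{EXPECTED}"'], EXPECTED))
```

A "delegation-mismatch" result means the record was written to a zone the CA never queries, which matches a token that is correct while the challenge still fails.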


@jumadilabdulrahmanselian commented on GitHub (Jan 29, 2025):

I resolved it too,

  1. Point your Root Domain to DNS only in Cloudflare.

  2. Ensure that the DNS propagation has directed to your server, then try requesting the SSL certificate again.

  3. If errors persist, update pip and other dependencies. Access your NPM container, manually update the required applications, and once the update is complete, try requesting the SSL certificate again.

Good luck!
