starred/nginx-proxy-manager-NginxProxyManager
1
0
Fork 0
mirror of https://github.com/NginxProxyManager/nginx-proxy-manager.git synced 2026-04-26 01:45:54 +03:00
Code Issues 937 Projects Releases 10 Packages Wiki Activity

[GH-ISSUE #584] Internal error while getting Lets Encrypt certificate / SQlite database #490

New issue
Closed
opened 2026-02-26 06:33:05 +03:00 by kerem · 15 comments
kerem commented 2026-02-26 06:33:05 +03:00
Owner
Copy link

Originally created by @AnthoBalitrand on GitHub (Aug 26, 2020).
Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/584

When trying to get a new certificate from Let's Encrypt, I get an "Internal Error" message.
Using latest docker image (2.4.0).

By looking at the /var/log/letsencrypt/letsencrypt.log file, I can see that the challenges has been successfully completed :

2020-08-26 21:54:18,911:DEBUG:certbot._internal.storage:Creating directory /etc/letsencrypt/archive.
2020-08-26 21:54:18,912:DEBUG:certbot._internal.storage:Creating directory /etc/letsencrypt/live.
2020-08-26 21:54:18,912:DEBUG:certbot._internal.storage:Writing README to /etc/letsencrypt/live/README.
2020-08-26 21:54:18,913:DEBUG:certbot._internal.storage:Archive directory /etc/letsencrypt/archive/npm-2 and live directory /etc/letsencrypt/live/npm-2 created.
2020-08-26 21:54:18,913:DEBUG:certbot._internal.storage:Writing certificate to /etc/letsencrypt/live/npm-2/cert.pem.
2020-08-26 21:54:18,914:DEBUG:certbot._internal.storage:Writing private key to /etc/letsencrypt/live/npm-2/privkey.pem.
2020-08-26 21:54:18,914:DEBUG:certbot._internal.storage:Writing chain to /etc/letsencrypt/live/npm-2/chain.pem.
2020-08-26 21:54:18,914:DEBUG:certbot._internal.storage:Writing full chain to /etc/letsencrypt/live/npm-2/fullchain.pem.
2020-08-26 21:54:18,914:DEBUG:certbot._internal.storage:Writing README to /etc/letsencrypt/live/npm-2/README.
2020-08-26 21:54:19,032:DEBUG:certbot._internal.plugins.selection:Requested authenticator webroot and installer <certbot._internal.cli.cli_utils._Default object at 0x7fc1461d4190>
2020-08-26 21:54:19,033:DEBUG:certbot._internal.cli:Var pref_challs=dns,http (set by user).
2020-08-26 21:54:19,033:DEBUG:certbot._internal.cli:Var authenticator=webroot (set by user).
2020-08-26 21:54:19,033:DEBUG:certbot._internal.cli:Var webroot_path=/data/letsencrypt-acme-challenge (set by user).
2020-08-26 21:54:19,034:DEBUG:certbot._internal.cli:Var webroot_path=/data/letsencrypt-acme-challenge (set by user).
2020-08-26 21:54:19,034:DEBUG:certbot._internal.cli:Var webroot_map={'webroot_path'} (set by user).
2020-08-26 21:54:19,034:DEBUG:certbot._internal.storage:Writing new config /etc/letsencrypt/renewal/npm-2.conf.
2020-08-26 21:54:19,079:DEBUG:certbot._internal.reporter:Reporting to user: Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/npm-2/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/npm-2/privkey.pem
Your cert will expire on 2020-11-24. To obtain a new or tweaked version of this certificate in the future, simply run certbot again. To non-interactively renew *all* of your certificates, run "certbot renew"

The certificate is then displayed on the certificates list as expired with an expiration date being the current day.

image

By looking at the certificate file on /etc/letsencrypt/live/..., I can see the certificate being valid :

[root@docker-nginx:/etc/letsencrypt/live/npm-2]# openssl x509 -in cert.pem -text Certificate: Data: Version: 3 (0x2) Serial Number: <removed> Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3 Validity Not Before: Aug 26 20:54:16 2020 GMT Not After : Nov 24 20:54:16 2020 GMT

Originally created by @AnthoBalitrand on GitHub (Aug 26, 2020). Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/584 When trying to get a new certificate from Let's Encrypt, I get an "Internal Error" message. Using latest docker image (2.4.0). By looking at the /var/log/letsencrypt/letsencrypt.log file, I can see that the challenges has been successfully completed : ``` 2020-08-26 21:54:18,911:DEBUG:certbot._internal.storage:Creating directory /etc/letsencrypt/archive. 2020-08-26 21:54:18,912:DEBUG:certbot._internal.storage:Creating directory /etc/letsencrypt/live. 2020-08-26 21:54:18,912:DEBUG:certbot._internal.storage:Writing README to /etc/letsencrypt/live/README. 2020-08-26 21:54:18,913:DEBUG:certbot._internal.storage:Archive directory /etc/letsencrypt/archive/npm-2 and live directory /etc/letsencrypt/live/npm-2 created. 2020-08-26 21:54:18,913:DEBUG:certbot._internal.storage:Writing certificate to /etc/letsencrypt/live/npm-2/cert.pem. 2020-08-26 21:54:18,914:DEBUG:certbot._internal.storage:Writing private key to /etc/letsencrypt/live/npm-2/privkey.pem. 2020-08-26 21:54:18,914:DEBUG:certbot._internal.storage:Writing chain to /etc/letsencrypt/live/npm-2/chain.pem. 2020-08-26 21:54:18,914:DEBUG:certbot._internal.storage:Writing full chain to /etc/letsencrypt/live/npm-2/fullchain.pem. 2020-08-26 21:54:18,914:DEBUG:certbot._internal.storage:Writing README to /etc/letsencrypt/live/npm-2/README. 2020-08-26 21:54:19,032:DEBUG:certbot._internal.plugins.selection:Requested authenticator webroot and installer <certbot._internal.cli.cli_utils._Default object at 0x7fc1461d4190> 2020-08-26 21:54:19,033:DEBUG:certbot._internal.cli:Var pref_challs=dns,http (set by user). 2020-08-26 21:54:19,033:DEBUG:certbot._internal.cli:Var authenticator=webroot (set by user). 2020-08-26 21:54:19,033:DEBUG:certbot._internal.cli:Var webroot_path=/data/letsencrypt-acme-challenge (set by user). 2020-08-26 21:54:19,034:DEBUG:certbot._internal.cli:Var webroot_path=/data/letsencrypt-acme-challenge (set by user). 2020-08-26 21:54:19,034:DEBUG:certbot._internal.cli:Var webroot_map={'webroot_path'} (set by user). 2020-08-26 21:54:19,034:DEBUG:certbot._internal.storage:Writing new config /etc/letsencrypt/renewal/npm-2.conf. 2020-08-26 21:54:19,079:DEBUG:certbot._internal.reporter:Reporting to user: Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/npm-2/fullchain.pem Your key file has been saved at: /etc/letsencrypt/live/npm-2/privkey.pem Your cert will expire on 2020-11-24. To obtain a new or tweaked version of this certificate in the future, simply run certbot again. To non-interactively renew *all* of your certificates, run "certbot renew" ``` The certificate is then displayed on the certificates list as expired with an expiration date being the current day. ![image](https://user-images.githubusercontent.com/24936333/91362565-0ed6ff00-e7fb-11ea-9435-630db71d2404.png) By looking at the certificate file on /etc/letsencrypt/live/..., I can see the certificate being valid : `[root@docker-nginx:/etc/letsencrypt/live/npm-2]# openssl x509 -in cert.pem -text Certificate: Data: Version: 3 (0x2) Serial Number: <removed> Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3 Validity Not Before: Aug 26 20:54:16 2020 GMT Not After : Nov 24 20:54:16 2020 GMT`
kerem 2026-02-26 06:33:05 +03:00
  • closed this issue
  • added the
    bug
         label
kerem commented 2026-02-26 06:33:06 +03:00
Author
Owner
Copy link

@AnthoBalitrand commented on GitHub (Aug 27, 2020):

More information :

After manually editing the expiration date of the generated certificate on my SQlite database file (to make it match the real expiration date of the certificate signed by Let's Encrypt), everything goes well.

It seems that the issue appears when nginx-proxy-manager tries to update the expiration date on the database after the certificate is generated, when using an SQlite database file (didn't tested with a mySQL one).

<!-- gh-comment-id:682129762 --> @AnthoBalitrand commented on GitHub (Aug 27, 2020): More information : After manually editing the expiration date of the generated certificate on my SQlite database file (to make it match the real expiration date of the certificate signed by Let's Encrypt), everything goes well. It seems that the issue appears when nginx-proxy-manager tries to update the expiration date on the database after the certificate is generated, when using an SQlite database file (didn't tested with a mySQL one).
kerem commented 2026-02-26 06:33:06 +03:00
Author
Owner
Copy link

@RichardDern commented on GitHub (Aug 29, 2020):

Apparently, it's caused by FROM_UNIXTIME:

[8/29/2020] [10:22:15 PM] [Express  ] › ⚠  warning   update `certificate` set `modified_on` = date('now'), `expires_on` = FROM_UNIXTIME(1606511988) where `certificate`.`id` = 3 - SQLITE_ERROR: no such function: FROM_UNIXTIME
<!-- gh-comment-id:683348257 --> @RichardDern commented on GitHub (Aug 29, 2020): Apparently, it's caused by ```FROM_UNIXTIME```: ``` [8/29/2020] [10:22:15 PM] [Express ] › ⚠ warning update `certificate` set `modified_on` = date('now'), `expires_on` = FROM_UNIXTIME(1606511988) where `certificate`.`id` = 3 - SQLITE_ERROR: no such function: FROM_UNIXTIME ```
kerem commented 2026-02-26 06:33:06 +03:00
Author
Owner
Copy link

@cristiangauma commented on GitHub (Aug 29, 2020):

I can confirm, that I also have the problem with 3 - SQLITE_ERROR: no such function: FROM_UNIXTIME and somehow it makes the domain to reach the letsencrypt rate-limit (so in my case until the next week I won't be able to get a new SSL certificate for the domain that I was configuring.).

It worked properly before start using SQLITE.

Related: https://github.com/jc21/nginx-proxy-manager/issues/557

<!-- gh-comment-id:683352713 --> @cristiangauma commented on GitHub (Aug 29, 2020): I can confirm, that I also have the problem with ```3 - SQLITE_ERROR: no such function: FROM_UNIXTIME``` and somehow it makes the domain to reach the letsencrypt rate-limit (so in my case until the next week I won't be able to get a new SSL certificate for the domain that I was configuring.). It worked properly before start using SQLITE. Related: https://github.com/jc21/nginx-proxy-manager/issues/557
kerem commented 2026-02-26 06:33:06 +03:00
Author
Owner
Copy link

@AnonJervis commented on GitHub (Aug 31, 2020):

I can confirm as well showing the same error caused by FROM_UNIXTIME

<!-- gh-comment-id:683656785 --> @AnonJervis commented on GitHub (Aug 31, 2020): I can confirm as well showing the same error caused by FROM_UNIXTIME
kerem commented 2026-02-26 06:33:06 +03:00
Author
Owner
Copy link

@d33pjs commented on GitHub (Sep 1, 2020):

Same Problem for me.

<!-- gh-comment-id:684858144 --> @d33pjs commented on GitHub (Sep 1, 2020): Same Problem for me.
kerem commented 2026-02-26 06:33:06 +03:00
Author
Owner
Copy link

@meichthys commented on GitHub (Sep 8, 2020):

Same here.
@tg44 Did you also face this issue when implementing SQLite?

<!-- gh-comment-id:688590190 --> @meichthys commented on GitHub (Sep 8, 2020): Same here. @tg44 Did you also face this issue when implementing SQLite?
kerem commented 2026-02-26 06:33:06 +03:00
Author
Owner
Copy link

@meichthys commented on GitHub (Sep 8, 2020):

It looks like this may be fixed in #560

<!-- gh-comment-id:688591865 --> @meichthys commented on GitHub (Sep 8, 2020): It looks like this may be fixed in #560
kerem commented 2026-02-26 06:33:06 +03:00
Author
Owner
Copy link

@meichthys commented on GitHub (Sep 8, 2020):

I can confirm this is fixed in v2.5.0 🚀

<!-- gh-comment-id:688593534 --> @meichthys commented on GitHub (Sep 8, 2020): I can confirm this is fixed in v2.5.0 🚀
kerem commented 2026-02-26 06:33:06 +03:00
Author
Owner
Copy link

@tg44 commented on GitHub (Sep 8, 2020):

I dont use certs, probably this is the reason why I didn't catch that...

Yes the problem is the sql function (sqlite is really limited and sonetimes dumb), and the linked PR is the fix for this (I did the same with the current time function anno).

<!-- gh-comment-id:688616844 --> @tg44 commented on GitHub (Sep 8, 2020): I dont use certs, probably this is the reason why I didn't catch that... Yes the problem is the sql function (sqlite is really limited and sonetimes dumb), and the linked PR is the fix for this (I did the same with the current time function anno).
kerem commented 2026-02-26 06:33:06 +03:00
Author
Owner
Copy link

@meichthys commented on GitHub (Sep 10, 2020):

@jc21 i think we can close this 👍

<!-- gh-comment-id:689987558 --> @meichthys commented on GitHub (Sep 10, 2020): @jc21 i think we can close this 👍
kerem commented 2026-02-26 06:33:06 +03:00
Author
Owner
Copy link

@docfactory37 commented on GitHub (Sep 17, 2020):

also have the same issue

<!-- gh-comment-id:693777376 --> @docfactory37 commented on GitHub (Sep 17, 2020): also have the same issue
kerem commented 2026-02-26 06:33:06 +03:00
Author
Owner
Copy link

@meichthys commented on GitHub (Sep 17, 2020):

@docfactory37 The issue was fixed in v2.5.0
Make sure you're updated to that version. If you're still having the issue, you may want to open a different issue and include some logs for further troubleshooting.

<!-- gh-comment-id:693782741 --> @meichthys commented on GitHub (Sep 17, 2020): @docfactory37 The issue was fixed in v2.5.0 Make sure you're updated to that version. If you're still having the issue, you may want to open a different issue and include some logs for further troubleshooting.
kerem commented 2026-02-26 06:33:06 +03:00
Author
Owner
Copy link

@ionescu77 commented on GitHub (May 10, 2021):

Thank you everyone.
I think this issue can be closed.

I've been running on sqlite successfully with letzencrypt (& cloudflare) since 1y (Note: currently on n-p-m docker v3.8.0)

<!-- gh-comment-id:836562558 --> @ionescu77 commented on GitHub (May 10, 2021): Thank you everyone. I think this issue can be closed. I've been running on `sqlite` successfully with letzencrypt (& cloudflare) since 1y (Note: currently on n-p-m docker `v3.8.0`)
kerem commented 2026-02-26 06:33:06 +03:00
Author
Owner
Copy link

@meichthys commented on GitHub (May 10, 2021):

Agreed. I've also been using SQlite without any issues.
@AnthoBalitrand can you confirm that this issue is fixed? If so, could you close this issue?

<!-- gh-comment-id:836634222 --> @meichthys commented on GitHub (May 10, 2021): Agreed. I've also been using SQlite without any issues. @AnthoBalitrand can you confirm that this issue is fixed? If so, could you close this issue?
kerem commented 2026-02-26 06:33:06 +03:00
Author
Owner
Copy link

@AnthoBalitrand commented on GitHub (May 12, 2021):

I confirm, it's now working properly :-)
Thanks for your help !

<!-- gh-comment-id:840008074 --> @AnthoBalitrand commented on GitHub (May 12, 2021): I confirm, it's now working properly :-) Thanks for your help !
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
develop
dependabot/npm_and_yarn/backend/liquidjs-10.25.7
dependabot/npm_and_yarn/frontend/prod-minor-updates-2a16bf3987
dependabot/npm_and_yarn/frontend/dev-patch-updates-754666cf41
dependabot/npm_and_yarn/backend/basic-ftp-5.3.0
dependabot/npm_and_yarn/test/follow-redirects-1.16.0
dependabot/npm_and_yarn/test/axios-1.15.0
dependabot/npm_and_yarn/frontend/lodash-4.18.1
dependabot/npm_and_yarn/backend/lodash-4.18.1
dependabot/npm_and_yarn/test/lodash-4.18.1
dependabot/npm_and_yarn/frontend/vite-7.3.2
dependabot/npm_and_yarn/backend/prod-minor-updates-5ec19a7f21
dependabot/npm_and_yarn/frontend/lodash-es-4.18.1
dependabot/npm_and_yarn/frontend/happy-dom-20.8.9
dependabot/npm_and_yarn/backend/path-to-regexp-8.4.0
dependabot/npm_and_yarn/frontend/picomatch-4.0.4
dependabot/npm_and_yarn/backend/picomatch-2.3.2
dependabot/npm_and_yarn/frontend/yaml-1.10.3
dependabot/npm_and_yarn/test/flatted-3.4.2
dependabot/npm_and_yarn/test/tar-7.5.11
dependabot/npm_and_yarn/frontend/immutable-5.1.5
master
dependabot/npm_and_yarn/test/glob-10.5.0
dependabot/npm_and_yarn/frontend/mdast-util-to-hast-13.2.1
dependabot/npm_and_yarn/test/form-data-4.0.4
v3-abandoned
bump-freedns
openidc
ssl-passthrough-hosts
static-content
v2.14.0
v2.13.7
v2.13.6
v2.13.5
v2.13.4
v2.13.3
v2.13.2
v2.13.1
v2.13.0
v2.12.6
v2.12.5
v2.12.4
v2.12.3
v2.12.2
v2.12.1
v2.12.0
v2.11.3
v2.11.2
v2.11.1
v2.11.0
v2.10.4
v2.10.3
v2.10.2
v2.10.1
v2.10.0
v2.9.22
v2.9.21
v2.9.20
v2.9.19
v2.9.18
v2.9.17
v2.9.16
v2.9.15
v2.9.14
v2.9.13
v2.9.12
v2.9.11
v2.9.10
v2.9.9
v2.9.8
v2.9.7
v2.9.6
v2.9.5
v2.9.4
v2.9.3
v2.9.2
v2.9.1
v2.9.0
v2.8.1
v2.8.0
v2.7.3
v2.7.2
v2.7.1
v2.7.0
v2.6.2
v2.6.1
v2.6.0
v2.5.0
v2.4.0
v2.3.1
v2.3.0
v2.2.4
v2.2.3
v2.2.2
v2.2.1
v2.2.0
v2.1.2
v2.1.1
v2.1.0
2.0.14
2.0.13
2.0.12
2.0.11
2.0.10
2.0.9
2.0.8
2.0.7
2.0.6
2.0.5
2.0.4
2.0.3
2.0.2
2.0.0
v2.0.0
1.1.2
1.1.1
1.0.1
Labels
Clear labels   
awaiting feedback

   
bug

   
cannot reproduce

   
dns provider request

   
duplicate

   
enhancement

   
enhancement

   
enhancement

   
good first issue

   
help wanted

   
invalid

   
need more info

   
no certbot plugin available

   
product-support

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
stale

   
troll

   
upstream issue

   
v2

   
v2

   
v2

   
v3

   
wontfix
No labels
awaiting feedback
bug
cannot reproduce
dns provider request
duplicate
enhancement
enhancement
enhancement
good first issue
help wanted
invalid
need more info
no certbot plugin available
product-support
pull-request
question
stale
troll
upstream issue
v2
v2
v2
v3
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/nginx-proxy-manager-NginxProxyManager#490
No description provided.