[GH-ISSUE #1189] DNS challenge DYNU configuration #970

New issue

Closed

opened 2026-02-26 06:35:15 +03:00 by kerem · 12 comments

kerem commented 2026-02-26 06:35:15 +03:00

Owner

Copy link

Originally created by @suhrke on GitHub (Jun 18, 2021).
Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/1189

Checklist

• Have you pulled and found the error with jc21/nginx-proxy-manager:latest docker image?
  • Yes
• Are you sure you're not using someone else's docker image?
  • Yes
• Have you searched for similar issues (both open and closed)?
  • Yes

Describe the bug

Hello,
I wanted to use the DNS challenge plugin Dynu, and this wants to get
certbot_dns_dynu:dns_dynu_auth_token = YOUR_DYNU_AUTH_TOKEN

I replaced YOUR_DYNU_AUTH_TOKEN with my own api token at dynu.com

and got only

"Internal error"
and
"This section requires some knowledge about Certbot and its DNS plugins. Please consult the respective plugins documentation."

In the corresponding python script inside the container /opt/certbot/lib/python3.7/site-packages/certbot_dns_dynu/dns_dynu.py I found also only the reference to the dynu auth token.
I use this DNS challenge on another platform (proxmox-ve) which uses auth-token and oauth2 Client-ID/secret what works properly. So I look for a way to configure this in nginx proxy manager properly, but found not any hint.

Nginx Proxy Manager Version

To Reproduce
Steps to reproduce the behavior:

1. Go to '...' dynu.com, create the subdomain/address record for the affected certificate
2. create a new proxy with this dns name
3. go to SSL
4. request a new SSL certificate with LE
5. take "Use a DNS challenge"
6. choose "dynu"
7. put yout authentication token into the configuration field like
   certbot_dns_dynu:dns_dynu_auth_token = MY_OWN_DYNU_AUTH_TOKEN
8. put in yout LE account email
9. choose "I agree to .."
10. optional choose "Force SSL" and "HTTP/2 support"
11. choose "Save"

Expected behavior

correct pull a certificate from letsencrypt with dns challenge provided by dynu.com

Screenshots

Operating System

ubuntu 20.04 LTS / Docker version 20.10.7, build f0df350

Additional context

Originally created by @suhrke on GitHub (Jun 18, 2021). Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/1189 <!-- Are you in the right place? - If you are looking for support on how to get your upstream server forwarding, please consider asking the community on Reddit. - If you are writing code changes to contribute and need to ask about the internals of the software, Gitter is the best place to ask. - If you think you found a bug with NPM (not Nginx, or your upstream server or MySql) then you are in the *right place.* --> **Checklist** - Have you pulled and found the error with `jc21/nginx-proxy-manager:latest` docker image? - Yes - Are you sure you're not using someone else's docker image? - Yes - Have you searched for similar issues (both open and closed)? - Yes - **Describe the bug** <!-- A clear and concise description of what the bug is. --> Hello, I wanted to use the DNS challenge plugin Dynu, and this wants to get certbot_dns_dynu:dns_dynu_auth_token = YOUR_DYNU_AUTH_TOKEN I replaced YOUR_DYNU_AUTH_TOKEN with my own api token at dynu.com and got only "Internal error" and "This section requires some knowledge about Certbot and its DNS plugins. Please consult the respective plugins documentation." In the corresponding python script inside the container /opt/certbot/lib/python3.7/site-packages/certbot_dns_dynu/dns_dynu.py I found also only the reference to the dynu auth token. I use this DNS challenge on another platform (proxmox-ve) which uses auth-token and oauth2 Client-ID/secret what works properly. So I look for a way to configure this in nginx proxy manager properly, but found not any hint. **Nginx Proxy Manager Version** <!-- What version of Nginx Proxy Manager is reported on the login page? --> **To Reproduce** Steps to reproduce the behavior: 1. Go to '...' dynu.com, create the subdomain/address record for the affected certificate 2. create a new proxy with this dns name 3. go to SSL 4. request a new SSL certificate with LE 5. take "Use a DNS challenge" 6. choose "dynu" 7. put yout authentication token into the configuration field like certbot_dns_dynu:dns_dynu_auth_token = MY_OWN_DYNU_AUTH_TOKEN 8. put in yout LE account email 9. choose "I agree to .." 10. optional choose "Force SSL" and "HTTP/2 support" 11. choose "Save" **Expected behavior** <!-- A clear and concise description of what you expected to happen. --> correct pull a certificate from letsencrypt with dns challenge provided by dynu.com **Screenshots** <!-- If applicable, add screenshots to help explain your problem. --> <img width="370" alt="Screenshot 2021-06-19 001030" src="https://user-images.githubusercontent.com/16483530/122620359-0ce47200-d093-11eb-9710-1e2910119a5d.png">  **Operating System** <!-- Please specify if using a Rpi, Mac, orchestration tool or any other setups that might affect the reproduction of this error. --> ubuntu 20.04 LTS / Docker version 20.10.7, build f0df350 **Additional context** <!-- Add any other context about the problem here, docker version, browser version, logs if applicable to the problem. Too much info is better than too little. -->

kerem 2026-02-26 06:35:15 +03:00

• closed this issue
• added the
  stale
  bug
  awaiting feedback
  labels

kerem commented 2026-02-26 06:35:16 +03:00

Author

Owner

Copy link

@chaptergy commented on GitHub (Jun 23, 2021):

Could you take a look into the logs of the npm container to see what the actual error is?

<!-- gh-comment-id:866590118 --> @chaptergy commented on GitHub (Jun 23, 2021): Could you take a look into the logs of the npm container to see what the actual error is?

kerem commented 2026-02-26 06:35:16 +03:00

Author

Owner

Copy link

@sillydanny commented on GitHub (Jul 3, 2023):

I have the same issue about the DNS challenge,

npm | [7/3/2023] [9:06:16 AM] [Nginx ] › ℹ info Reloading Nginx
npm | [7/3/2023] [9:06:16 AM] [Express ] › ⚠ warning Command failed: . > > /opt/certbot/bin/activate && pip install --no-cache-dir --user certbot-dns-godaddy~=0.2.0 && deactivate
npm | ERROR: Will not install to the user site because it will lack sys.path precedence to urllib3 in /opt/certbot/lib/python3.7/site-packages

<!-- gh-comment-id:1617687416 --> @sillydanny commented on GitHub (Jul 3, 2023): I have the same issue about the DNS challenge, > npm | [7/3/2023] [9:06:16 AM] [Nginx ] › ℹ info Reloading Nginx > npm | [7/3/2023] [9:06:16 AM] [Express ] › ⚠ warning Command failed: . > > /opt/certbot/bin/activate && pip install --no-cache-dir --user certbot-dns-godaddy~=0.2.0 && deactivate > npm | ERROR: Will not install to the user site because it will lack sys.path precedence to urllib3 in /opt/certbot/lib/python3.7/site-packages

kerem commented 2026-02-26 06:35:16 +03:00

Author

Owner

Copy link

@randomDrops commented on GitHub (Jul 26, 2023):

Found a solution. Guess there might be a better solution.
Replace the text with dns_dynu_auth_token=\<api-key\>. Of course, replace the angle-bracket with your own API-key from Dynu. Remove all the spaces on both sides of the equal sign.

<!-- gh-comment-id:1651674035 --> @randomDrops commented on GitHub (Jul 26, 2023): Found a solution. Guess there might be a better solution. Replace the text with `dns_dynu_auth_token=\<api-key\>`. Of course, replace the angle-bracket with your own API-key from Dynu. Remove all the spaces on both sides of the equal sign. 

kerem commented 2026-02-26 06:35:16 +03:00

Author

Owner

Copy link

@randomDrops commented on GitHub (Jul 26, 2023):

Update: Remember to put 120 into the Propagation Seconds textbox. Please be patient and try a few times till it succeeds.

<!-- gh-comment-id:1652304005 --> @randomDrops commented on GitHub (Jul 26, 2023): Update: Remember to put 120 into the Propagation Seconds textbox. Please be patient and try a few times till it succeeds.

kerem commented 2026-02-26 06:35:16 +03:00

Author

Owner

Copy link

@DairyWeb3638077 commented on GitHub (Nov 29, 2023):

I get this error

Internal Error

Error: Command failed: certbot certonly --config "/etc/letsencrypt.ini" --work-dir "/tmp/letsencrypt-lib" --logs-dir "/tmp/letsencrypt-log" --cert-name "npm-29" --agree-tos --email "MY EMAIL" --domains "MY DOMAIN" --authenticator dns-dynu --dns-dynu-credentials "/etc/letsencrypt/credentials/credentials-29" --dns-dynu-propagation-seconds 120
Traceback (most recent call last):
  File "/usr/bin/certbot", line 5, in 
    from certbot.main import main
  File "/opt/certbot/lib/python3.7/site-packages/certbot/main.py", line 6, in 
    from certbot._internal import main as internal_main
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/main.py", line 21, in 
    import josepy as jose
  File "/opt/certbot/lib/python3.7/site-packages/josepy/__init__.py", line 40, in 
    from josepy.json_util import (
  File "/opt/certbot/lib/python3.7/site-packages/josepy/json_util.py", line 24, in 
    from OpenSSL import crypto
  File "/opt/certbot/lib/python3.7/site-packages/OpenSSL/__init__.py", line 8, in 
    from OpenSSL import crypto, SSL
  File "/opt/certbot/lib/python3.7/site-packages/OpenSSL/crypto.py", line 1517, in 
    class X509StoreFlags(object):
  File "/opt/certbot/lib/python3.7/site-packages/OpenSSL/crypto.py", line 1537, in X509StoreFlags
    CB_ISSUER_CHECK = _lib.X509_V_FLAG_CB_ISSUER_CHECK
AttributeError: module 'lib' has no attribute 'X509_V_FLAG_CB_ISSUER_CHECK'

    at ChildProcess.exithandler (node:child_process:402:12)
    at ChildProcess.emit (node:events:513:28)
    at maybeClose (node:internal/child_process:1100:16)
    at Socket. (node:internal/child_process:458:11)
    at Socket.emit (node:events:513:28)
    at Pipe. (node:net:301:12)

<!-- gh-comment-id:1832323109 --> @DairyWeb3638077 commented on GitHub (Nov 29, 2023): I get this error ```md Internal Error ``` ```error Error: Command failed: certbot certonly --config "/etc/letsencrypt.ini" --work-dir "/tmp/letsencrypt-lib" --logs-dir "/tmp/letsencrypt-log" --cert-name "npm-29" --agree-tos --email "MY EMAIL" --domains "MY DOMAIN" --authenticator dns-dynu --dns-dynu-credentials "/etc/letsencrypt/credentials/credentials-29" --dns-dynu-propagation-seconds 120 Traceback (most recent call last): File "/usr/bin/certbot", line 5, in from certbot.main import main File "/opt/certbot/lib/python3.7/site-packages/certbot/main.py", line 6, in from certbot._internal import main as internal_main File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/main.py", line 21, in import josepy as jose File "/opt/certbot/lib/python3.7/site-packages/josepy/__init__.py", line 40, in from josepy.json_util import ( File "/opt/certbot/lib/python3.7/site-packages/josepy/json_util.py", line 24, in from OpenSSL import crypto File "/opt/certbot/lib/python3.7/site-packages/OpenSSL/__init__.py", line 8, in from OpenSSL import crypto, SSL File "/opt/certbot/lib/python3.7/site-packages/OpenSSL/crypto.py", line 1517, in class X509StoreFlags(object): File "/opt/certbot/lib/python3.7/site-packages/OpenSSL/crypto.py", line 1537, in X509StoreFlags CB_ISSUER_CHECK = _lib.X509_V_FLAG_CB_ISSUER_CHECK AttributeError: module 'lib' has no attribute 'X509_V_FLAG_CB_ISSUER_CHECK' at ChildProcess.exithandler (node:child_process:402:12) at ChildProcess.emit (node:events:513:28) at maybeClose (node:internal/child_process:1100:16) at Socket. (node:internal/child_process:458:11) at Socket.emit (node:events:513:28) at Pipe. (node:net:301:12) ```

kerem commented 2026-02-26 06:35:16 +03:00

Author

Owner

Copy link

@yuriw commented on GitHub (Jan 20, 2024):

I see this too in 2024
Were there any solutions found for this issue?

<!-- gh-comment-id:1902120622 --> @yuriw commented on GitHub (Jan 20, 2024): I see this too in 2024 Were there any solutions found for this issue?

kerem commented 2026-02-26 06:35:16 +03:00

Author

Owner

Copy link

@st-ivan commented on GitHub (Feb 24, 2024):

This seems to be fixed in NPM version 2.11.
default text: dns_dynu_auth_token = YOUR_DYNU_AUTH_TOKEN
Just remove "YOUR_DYNU_AUTH_TOKEN" and put your API KEY. Wait for about 1 minute and the cert will be issued.

<!-- gh-comment-id:1962173244 --> @st-ivan commented on GitHub (Feb 24, 2024): This seems to be fixed in NPM version 2.11. default text: dns_dynu_auth_token = YOUR_DYNU_AUTH_TOKEN Just remove "YOUR_DYNU_AUTH_TOKEN" and put your API KEY. Wait for about 1 minute and the cert will be issued.

kerem commented 2026-02-26 06:35:16 +03:00

Author

Owner

Copy link

@mrt2nbl commented on GitHub (Feb 24, 2024):

Working for me even with default text (without space)

<!-- gh-comment-id:1962296735 --> @mrt2nbl commented on GitHub (Feb 24, 2024): Working for me even with default text (without space)

kerem commented 2026-02-26 06:35:16 +03:00

Author

Owner

Copy link

@yurii-karadzhov commented on GitHub (Jun 16, 2024):

I got unrecognized arguments error:

CommandError: usage: 
  certbot [SUBCOMMAND] [options] [-d DOMAIN] [-d DOMAIN] ...

Certbot can obtain and install HTTPS/TLS/SSL certificates.  By default,
it will attempt to use a webserver both for obtaining and installing the
certificate. 
certbot: error: unrecognized arguments: --dns-dynu-credentials /etc/letsencrypt/credentials/credentials-2 --dns-dynu-propagation-seconds 120

    at /app/lib/utils.js:16:13
    at ChildProcess.exithandler (node:child_process:410:5)
    at ChildProcess.emit (node:events:513:28)
    at maybeClose (node:internal/child_process:1100:16)
    at Process.ChildProcess._handle.onexit (node:internal/child_process:304:5)

<!-- gh-comment-id:2171460166 --> @yurii-karadzhov commented on GitHub (Jun 16, 2024): I got unrecognized arguments error: ``` CommandError: usage: certbot [SUBCOMMAND] [options] [-d DOMAIN] [-d DOMAIN] ... Certbot can obtain and install HTTPS/TLS/SSL certificates. By default, it will attempt to use a webserver both for obtaining and installing the certificate. certbot: error: unrecognized arguments: --dns-dynu-credentials /etc/letsencrypt/credentials/credentials-2 --dns-dynu-propagation-seconds 120 at /app/lib/utils.js:16:13 at ChildProcess.exithandler (node:child_process:410:5) at ChildProcess.emit (node:events:513:28) at maybeClose (node:internal/child_process:1100:16) at Process.ChildProcess._handle.onexit (node:internal/child_process:304:5) ```

kerem commented 2026-02-26 06:35:16 +03:00

Author

Owner

Copy link

@yurii-karadzhov commented on GitHub (Jun 16, 2024):

pip install certbot-dns-dynu solves the issue

<!-- gh-comment-id:2171577723 --> @yurii-karadzhov commented on GitHub (Jun 16, 2024): ```pip install certbot-dns-dynu``` solves the issue

kerem commented 2026-02-26 06:35:16 +03:00

Author

Owner

Copy link

@github-actions[bot] commented on GitHub (Feb 9, 2025):

Issue is now considered stale. If you want to keep it open, please comment 👍

<!-- gh-comment-id:2646026748 --> @github-actions[bot] commented on GitHub (Feb 9, 2025): Issue is now considered stale. If you want to keep it open, please comment :+1:

kerem commented 2026-02-26 06:35:16 +03:00

Author

Owner

Copy link

@github-actions[bot] commented on GitHub (Feb 22, 2026):

Issue was closed due to inactivity.

<!-- gh-comment-id:3939942909 --> @github-actions[bot] commented on GitHub (Feb 22, 2026): Issue was closed due to inactivity.

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

develop

dependabot/npm_and_yarn/backend/liquidjs-10.25.7

dependabot/npm_and_yarn/frontend/prod-minor-updates-2a16bf3987

dependabot/npm_and_yarn/frontend/dev-patch-updates-754666cf41

dependabot/npm_and_yarn/backend/basic-ftp-5.3.0

dependabot/npm_and_yarn/test/follow-redirects-1.16.0

dependabot/npm_and_yarn/test/axios-1.15.0

dependabot/npm_and_yarn/frontend/lodash-4.18.1

dependabot/npm_and_yarn/backend/lodash-4.18.1

dependabot/npm_and_yarn/test/lodash-4.18.1

dependabot/npm_and_yarn/frontend/vite-7.3.2

dependabot/npm_and_yarn/backend/prod-minor-updates-5ec19a7f21

dependabot/npm_and_yarn/frontend/lodash-es-4.18.1

dependabot/npm_and_yarn/frontend/happy-dom-20.8.9

dependabot/npm_and_yarn/backend/path-to-regexp-8.4.0

dependabot/npm_and_yarn/frontend/picomatch-4.0.4

dependabot/npm_and_yarn/backend/picomatch-2.3.2

dependabot/npm_and_yarn/frontend/yaml-1.10.3

dependabot/npm_and_yarn/test/flatted-3.4.2

dependabot/npm_and_yarn/test/tar-7.5.11

dependabot/npm_and_yarn/frontend/immutable-5.1.5

master

dependabot/npm_and_yarn/test/glob-10.5.0

dependabot/npm_and_yarn/frontend/mdast-util-to-hast-13.2.1

dependabot/npm_and_yarn/test/form-data-4.0.4

v3-abandoned

bump-freedns

openidc

ssl-passthrough-hosts

static-content

v2.14.0

v2.13.7

v2.13.6

v2.13.5

v2.13.4

v2.13.3

v2.13.2

v2.13.1

v2.13.0

v2.12.6

v2.12.5

v2.12.4

v2.12.3

v2.12.2

v2.12.1

v2.12.0

v2.11.3

v2.11.2

v2.11.1

v2.11.0

v2.10.4

v2.10.3

v2.10.2

v2.10.1

v2.10.0

v2.9.22

v2.9.21

v2.9.20

v2.9.19

v2.9.18

v2.9.17

v2.9.16

v2.9.15

v2.9.14

v2.9.13

v2.9.12

v2.9.11

v2.9.10

v2.9.9

v2.9.8

v2.9.7

v2.9.6

v2.9.5

v2.9.4

v2.9.3

v2.9.2

v2.9.1

v2.9.0

v2.8.1

v2.8.0

v2.7.3

v2.7.2

v2.7.1

v2.7.0

v2.6.2

v2.6.1

v2.6.0

v2.5.0

v2.4.0

v2.3.1

v2.3.0

v2.2.4

v2.2.3

v2.2.2

v2.2.1

v2.2.0

v2.1.2

v2.1.1

v2.1.0

2.0.14

2.0.13

2.0.12

2.0.11

2.0.10

2.0.9

2.0.8

2.0.7

2.0.6

2.0.5

2.0.4

2.0.3

2.0.2

2.0.0

v2.0.0

1.1.2

1.1.1

1.0.1

Labels

Clear labels   

awaiting feedback

  

bug

  

cannot reproduce

  

dns provider request

  

duplicate

  

enhancement

  

enhancement

  

enhancement

  

good first issue

  

help wanted

  

invalid

  

need more info

  

no certbot plugin available

  

product-support

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

stale

  

troll

  

upstream issue

  

v2

  

v2

  

v2

  

v3

  

wontfix

No labels

awaiting feedback

bug

cannot reproduce

dns provider request

duplicate

enhancement

enhancement

enhancement

good first issue

help wanted

invalid

need more info

no certbot plugin available

product-support

pull-request

question

stale

troll

upstream issue

v2

v2

v2

v3

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/nginx-proxy-manager-NginxProxyManager#970

No description provided.