[GH-ISSUE #1208] SSL Certificate renewal after expiration and NPM update #985

New issue

Closed

opened 2026-02-26 06:35:19 +03:00 by kerem · 12 comments

kerem commented 2026-02-26 06:35:19 +03:00

Owner

Copy link

Originally created by @maxdd on GitHub (Jun 27, 2021).
Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/1208

Originally assigned to: @jc21 on GitHub.

Hi,
i'm facing issues with certificate renewal after there has been an expiration and after i've updated with the latest npm docker image. Below my log

[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 01_s6-secret-init.sh: executing... 
[cont-init.d] 01_s6-secret-init.sh: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
❯ Enabling IPV6 in hosts: /etc/nginx/conf.d
  ❯ /etc/nginx/conf.d/default.conf
  ❯ /etc/nginx/conf.d/include/block-exploits.conf
  ❯ /etc/nginx/conf.d/include/proxy.conf
  ❯ /etc/nginx/conf.d/include/letsencrypt-acme-challenge.conf
  ❯ /etc/nginx/conf.d/include/assets.conf
  ❯ /etc/nginx/conf.d/include/ip_ranges.conf
  ❯ /etc/nginx/conf.d/include/ssl-ciphers.conf
  ❯ /etc/nginx/conf.d/include/force-ssl.conf
  ❯ /etc/nginx/conf.d/include/resolvers.conf
  ❯ /etc/nginx/conf.d/production.conf
❯ Enabling IPV6 in hosts: /data/nginx
  ❯ /data/nginx/proxy_host/7.conf
  ❯ /data/nginx/default_host/site.conf
[6/27/2021] [2:43:39 PM] [Global   ] › ℹ  info      Generating MySQL db configuration from environment variables
[6/27/2021] [2:43:39 PM] [Global   ] › ℹ  info      Wrote db configuration to config file: ./config/production.json
[6/27/2021] [2:43:40 PM] [Migrate  ] › ℹ  info      Current database version: 20210210154703
[6/27/2021] [2:43:40 PM] [Setup    ] › ℹ  info      Creating a new JWT key pair...
[6/27/2021] [2:43:58 PM] [Setup    ] › ℹ  info      Wrote JWT key pair to config file: /app/config/production.json
[6/27/2021] [2:43:58 PM] [IP Ranges] › ℹ  info      Fetching IP Ranges from online services...
[6/27/2021] [2:43:58 PM] [IP Ranges] › ℹ  info      Fetching https://ip-ranges.amazonaws.com/ip-ranges.json
[6/27/2021] [2:43:59 PM] [IP Ranges] › ℹ  info      Fetching https://www.cloudflare.com/ips-v4
[6/27/2021] [2:43:59 PM] [IP Ranges] › ℹ  info      Fetching https://www.cloudflare.com/ips-v6
[6/27/2021] [2:43:59 PM] [SSL      ] › ℹ  info      Let's Encrypt Renewal Timer initialized
[6/27/2021] [2:43:59 PM] [SSL      ] › ℹ  info      Renewing SSL certs close to expiry...
[6/27/2021] [2:43:59 PM] [IP Ranges] › ℹ  info      IP Ranges Renewal Timer initialized
[6/27/2021] [2:43:59 PM] [Global   ] › ℹ  info      Backend PID 225 listening on port 3000 ...
[6/27/2021] [2:44:00 PM] [Nginx    ] › ℹ  info      Reloading Nginx
[6/27/2021] [2:44:00 PM] [SSL      ] › ℹ  info      Renew Complete
[6/27/2021] [2:44:08 PM] [Express  ] › ⚠  warning   invalid signature
`QueryBuilder#allowEager` method is deprecated. You should use `allowGraph` instead. `allowEager` method will be removed in 3.0
`QueryBuilder#eager` method is deprecated. You should use the `withGraphFetched` method instead. `eager` method will be removed in 3.0
QueryBuilder#omit is deprecated. This method will be removed in version 3.0
Duplicate relation "access_list" in a relation expression. You should use "a.[b, c]" instead of "[a.b, a.c]". This will cause an error in objection 2.0
[6/27/2021] [2:44:36 PM] [Nginx    ] › ℹ  info      Reloading Nginx
[6/27/2021] [2:44:36 PM] [SSL      ] › ℹ  info      Requesting Let'sEncrypt certificates for Cert #6: ***************
[6/27/2021] [2:44:40 PM] [Nginx    ] › ℹ  info      Reloading Nginx
[6/27/2021] [2:44:40 PM] [Express  ] › ⚠  warning   Command failed: certbot certonly --non-interactive --config "/etc/letsencrypt.ini" --cert-name "npm-6" --agree-tos --email "****" --preferred-challenges "dns,http" --domains "*****" 

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Some challenges have failed.

Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

[6/27/2021] [2:45:34 PM] [Nginx    ] › ℹ  info      Reloading Nginx
[6/27/2021] [2:45:34 PM] [SSL      ] › ℹ  info      Requesting Let'sEncrypt certificates for Cert #7: *********
[6/27/2021] [2:45:38 PM] [Nginx    ] › ℹ  info      Reloading Nginx
[6/27/2021] [2:45:38 PM] [Express  ] › ⚠  warning   Command failed: certbot certonly --non-interactive --config "/etc/letsencrypt.ini" --cert-name "npm-7" --agree-tos --email "******" --preferred-challenges "dns,http" --domains "****" 
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Some challenges have failed.

Originally created by @maxdd on GitHub (Jun 27, 2021). Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/1208 Originally assigned to: @jc21 on GitHub. Hi, i'm facing issues with certificate renewal after there has been an expiration and after i've updated with the latest npm docker image. Below my log ``` [s6-init] making user provided files available at /var/run/s6/etc...exited 0. [s6-init] ensuring user provided files have correct perms...exited 0. [fix-attrs.d] applying ownership & permissions fixes... [fix-attrs.d] done. [cont-init.d] executing container initialization scripts... [cont-init.d] 01_s6-secret-init.sh: executing... [cont-init.d] 01_s6-secret-init.sh: exited 0. [cont-init.d] done. [services.d] starting services [services.d] done. ❯ Enabling IPV6 in hosts: /etc/nginx/conf.d ❯ /etc/nginx/conf.d/default.conf ❯ /etc/nginx/conf.d/include/block-exploits.conf ❯ /etc/nginx/conf.d/include/proxy.conf ❯ /etc/nginx/conf.d/include/letsencrypt-acme-challenge.conf ❯ /etc/nginx/conf.d/include/assets.conf ❯ /etc/nginx/conf.d/include/ip_ranges.conf ❯ /etc/nginx/conf.d/include/ssl-ciphers.conf ❯ /etc/nginx/conf.d/include/force-ssl.conf ❯ /etc/nginx/conf.d/include/resolvers.conf ❯ /etc/nginx/conf.d/production.conf ❯ Enabling IPV6 in hosts: /data/nginx ❯ /data/nginx/proxy_host/7.conf ❯ /data/nginx/default_host/site.conf [6/27/2021] [2:43:39 PM] [Global ] › ℹ info Generating MySQL db configuration from environment variables [6/27/2021] [2:43:39 PM] [Global ] › ℹ info Wrote db configuration to config file: ./config/production.json [6/27/2021] [2:43:40 PM] [Migrate ] › ℹ info Current database version: 20210210154703 [6/27/2021] [2:43:40 PM] [Setup ] › ℹ info Creating a new JWT key pair... [6/27/2021] [2:43:58 PM] [Setup ] › ℹ info Wrote JWT key pair to config file: /app/config/production.json [6/27/2021] [2:43:58 PM] [IP Ranges] › ℹ info Fetching IP Ranges from online services... [6/27/2021] [2:43:58 PM] [IP Ranges] › ℹ info Fetching https://ip-ranges.amazonaws.com/ip-ranges.json [6/27/2021] [2:43:59 PM] [IP Ranges] › ℹ info Fetching https://www.cloudflare.com/ips-v4 [6/27/2021] [2:43:59 PM] [IP Ranges] › ℹ info Fetching https://www.cloudflare.com/ips-v6 [6/27/2021] [2:43:59 PM] [SSL ] › ℹ info Let's Encrypt Renewal Timer initialized [6/27/2021] [2:43:59 PM] [SSL ] › ℹ info Renewing SSL certs close to expiry... [6/27/2021] [2:43:59 PM] [IP Ranges] › ℹ info IP Ranges Renewal Timer initialized [6/27/2021] [2:43:59 PM] [Global ] › ℹ info Backend PID 225 listening on port 3000 ... [6/27/2021] [2:44:00 PM] [Nginx ] › ℹ info Reloading Nginx [6/27/2021] [2:44:00 PM] [SSL ] › ℹ info Renew Complete [6/27/2021] [2:44:08 PM] [Express ] › ⚠ warning invalid signature `QueryBuilder#allowEager` method is deprecated. You should use `allowGraph` instead. `allowEager` method will be removed in 3.0 `QueryBuilder#eager` method is deprecated. You should use the `withGraphFetched` method instead. `eager` method will be removed in 3.0 QueryBuilder#omit is deprecated. This method will be removed in version 3.0 Duplicate relation "access_list" in a relation expression. You should use "a.[b, c]" instead of "[a.b, a.c]". This will cause an error in objection 2.0 [6/27/2021] [2:44:36 PM] [Nginx ] › ℹ info Reloading Nginx [6/27/2021] [2:44:36 PM] [SSL ] › ℹ info Requesting Let'sEncrypt certificates for Cert #6: *************** [6/27/2021] [2:44:40 PM] [Nginx ] › ℹ info Reloading Nginx [6/27/2021] [2:44:40 PM] [Express ] › ⚠ warning Command failed: certbot certonly --non-interactive --config "/etc/letsencrypt.ini" --cert-name "npm-6" --agree-tos --email "****" --preferred-challenges "dns,http" --domains "*****" Saving debug log to /var/log/letsencrypt/letsencrypt.log Some challenges have failed. Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details. [6/27/2021] [2:45:34 PM] [Nginx ] › ℹ info Reloading Nginx [6/27/2021] [2:45:34 PM] [SSL ] › ℹ info Requesting Let'sEncrypt certificates for Cert #7: ********* [6/27/2021] [2:45:38 PM] [Nginx ] › ℹ info Reloading Nginx [6/27/2021] [2:45:38 PM] [Express ] › ⚠ warning Command failed: certbot certonly --non-interactive --config "/etc/letsencrypt.ini" --cert-name "npm-7" --agree-tos --email "******" --preferred-challenges "dns,http" --domains "****" Saving debug log to /var/log/letsencrypt/letsencrypt.log Some challenges have failed. ```

kerem 2026-02-26 06:35:19 +03:00

• closed this issue
• added the
  bug
  label

kerem commented 2026-02-26 06:35:19 +03:00

Author

Owner

Copy link

@maxdd commented on GitHub (Jun 27, 2021):

This is the letsencrypt.log

Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:
  Domain: ************
  Type:   connection
  Detail: Fetching http://************/.well-known/acme-challenge/Cn50XLdix7BY8fgOmEgCnSPptSZY8U8s0-ghdNcJaNY: Error getting validation data

Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet.

2021-06-27 14:45:38,108:DEBUG:certbot._internal.error_handler:Encountered exception:
Traceback (most recent call last):
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/auth_handler.py", line 93, in handle_authorizations
    self._poll_authorizations(authzrs, max_retries, best_effort)
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/auth_handler.py", line 181, in _poll_authorizations
    raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.

2021-06-27 14:45:38,109:DEBUG:certbot._internal.error_handler:Calling registered functions
2021-06-27 14:45:38,109:INFO:certbot._internal.auth_handler:Cleaning up challenges
2021-06-27 14:45:38,109:DEBUG:certbot._internal.plugins.webroot:Removing /data/letsencrypt-acme-challenge/.well-known/acme-challenge/Cn50XLdix7BY8fgOmEgCnSPptSZY8U8s0-ghdNcJaNY
2021-06-27 14:45:38,110:DEBUG:certbot._internal.plugins.webroot:All challenges cleaned up
2021-06-27 14:45:38,111:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
  File "/opt/certbot/bin/certbot", line 8, in <module>
    sys.exit(main())
  File "/opt/certbot/lib/python3.7/site-packages/certbot/main.py", line 15, in main
    return internal_main.main(cli_args)
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/main.py", line 1552, in main
    return config.func(config, plugins)
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/main.py", line 1414, in certonly
    lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/main.py", line 128, in _get_and_save_cert
    lineage = le_client.obtain_and_enroll_certificate(domains, certname)
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/client.py", line 445, in obtain_and_enroll_certificate
    cert, chain, key, _ = self.obtain_certificate(domains)
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/client.py", line 375, in obtain_certificate
    orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/client.py", line 425, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/auth_handler.py", line 93, in handle_authorizations
    self._poll_authorizations(authzrs, max_retries, best_effort)
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/auth_handler.py", line 181, in _poll_authorizations
    raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.
2021-06-27 14:45:38,114:ERROR:certbot._internal.log:Some challenges have failed.

Its seems like i have an issue to provide the following

http://************/.well-known/acme-challenge/Cn50XLdix7BY8fgOmEgCnSPptSZY8U8s0-ghdNcJaNY

Could it be due to HSTS or something similar?

<!-- gh-comment-id:869176042 --> @maxdd commented on GitHub (Jun 27, 2021): This is the letsencrypt.log ``` Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems: Domain: ************ Type: connection Detail: Fetching http://************/.well-known/acme-challenge/Cn50XLdix7BY8fgOmEgCnSPptSZY8U8s0-ghdNcJaNY: Error getting validation data Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet. 2021-06-27 14:45:38,108:DEBUG:certbot._internal.error_handler:Encountered exception: Traceback (most recent call last): File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/auth_handler.py", line 93, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/auth_handler.py", line 181, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2021-06-27 14:45:38,109:DEBUG:certbot._internal.error_handler:Calling registered functions 2021-06-27 14:45:38,109:INFO:certbot._internal.auth_handler:Cleaning up challenges 2021-06-27 14:45:38,109:DEBUG:certbot._internal.plugins.webroot:Removing /data/letsencrypt-acme-challenge/.well-known/acme-challenge/Cn50XLdix7BY8fgOmEgCnSPptSZY8U8s0-ghdNcJaNY 2021-06-27 14:45:38,110:DEBUG:certbot._internal.plugins.webroot:All challenges cleaned up 2021-06-27 14:45:38,111:DEBUG:certbot._internal.log:Exiting abnormally: Traceback (most recent call last): File "/opt/certbot/bin/certbot", line 8, in <module> sys.exit(main()) File "/opt/certbot/lib/python3.7/site-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/main.py", line 1552, in main return config.func(config, plugins) File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/main.py", line 1414, in certonly lineage = _get_and_save_cert(le_client, config, domains, certname, lineage) File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/main.py", line 128, in _get_and_save_cert lineage = le_client.obtain_and_enroll_certificate(domains, certname) File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/client.py", line 445, in obtain_and_enroll_certificate cert, chain, key, _ = self.obtain_certificate(domains) File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/client.py", line 375, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/client.py", line 425, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort) File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/auth_handler.py", line 93, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/auth_handler.py", line 181, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2021-06-27 14:45:38,114:ERROR:certbot._internal.log:Some challenges have failed. ``` Its seems like i have an issue to provide the following http://************/.well-known/acme-challenge/Cn50XLdix7BY8fgOmEgCnSPptSZY8U8s0-ghdNcJaNY Could it be due to HSTS or something similar?

kerem commented 2026-02-26 06:35:19 +03:00

Author

Owner

Copy link

@Haringstad commented on GitHub (Jun 28, 2021):

I am seeing the same error here. Tried a lot of things to fix it on my end, but it won't work.
Maybe it is time that acme.sh is going to be used?

<!-- gh-comment-id:869514240 --> @Haringstad commented on GitHub (Jun 28, 2021): I am seeing the same error here. Tried a lot of things to fix it on my end, but it won't work. Maybe it is time that acme.sh is going to be used?

kerem commented 2026-02-26 06:35:19 +03:00

Author

Owner

Copy link

@smachi commented on GitHub (Jun 28, 2021):

The same thing is happening to me. All my certificates have expired and NPM is not able to renew them since some versions ago

<!-- gh-comment-id:869837700 --> @smachi commented on GitHub (Jun 28, 2021): The same thing is happening to me. All my certificates have expired and NPM is not able to renew them since some versions ago

kerem commented 2026-02-26 06:35:19 +03:00

Author

Owner

Copy link

@maxdd commented on GitHub (Jun 28, 2021):

Did any of you try a clean installation? I would like to avoid it since I have configured a lot lately.

<!-- gh-comment-id:869844306 --> @maxdd commented on GitHub (Jun 28, 2021): Did any of you try a clean installation? I would like to avoid it since I have configured a lot lately.

kerem commented 2026-02-26 06:35:20 +03:00

Author

Owner

Copy link

@Haringstad commented on GitHub (Jun 28, 2021):

@maxdd, I am sorry, but I didn't reinstall. I've got more than 30 proxies
configured, so........ You can understand why I would not go through the
full re-install.

On Mon, Jun 28, 2021 at 6:51 PM maxdd @.***> wrote:

Did any of you try a clean installation? I would like to avoid it since I
have configured a lot lately.

—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
https://github.com/jc21/nginx-proxy-manager/issues/1208#issuecomment-869844306,
or unsubscribe
https://github.com/notifications/unsubscribe-auth/AB3YEZU45RWDCWRVZLVEEVDTVCSAFANCNFSM47MPCCIA
.

<!-- gh-comment-id:869847789 --> @Haringstad commented on GitHub (Jun 28, 2021): @maxdd, I am sorry, but I didn't reinstall. I've got more than 30 proxies configured, so........ You can understand why I would not go through the full re-install. On Mon, Jun 28, 2021 at 6:51 PM maxdd ***@***.***> wrote: > Did any of you try a clean installation? I would like to avoid it since I > have configured a lot lately. > > — > You are receiving this because you commented. > Reply to this email directly, view it on GitHub > <https://github.com/jc21/nginx-proxy-manager/issues/1208#issuecomment-869844306>, > or unsubscribe > <https://github.com/notifications/unsubscribe-auth/AB3YEZU45RWDCWRVZLVEEVDTVCSAFANCNFSM47MPCCIA> > . >

kerem commented 2026-02-26 06:35:20 +03:00

Author

Owner

Copy link

@jc21 commented on GitHub (Jun 29, 2021):

On my production host I am not seeing this problem and I haven't started fresh in about 18months. Also using the latest image.

Are you able to request a new certificate for a new host?

<!-- gh-comment-id:870270060 --> @jc21 commented on GitHub (Jun 29, 2021): On my production host I am not seeing this problem and I haven't started fresh in about 18months. Also using the latest image. Are you able to request a new certificate for a new host?

kerem commented 2026-02-26 06:35:20 +03:00

Author

Owner

Copy link

@maxdd commented on GitHub (Jun 29, 2021):

No i'm not.
I would say the first thing we should investigate is

Fetching http://**************/.well-known/acme-challenge/uzCFoWkEQTkfpP8VQEl3v1CR_VxonuXBssS-Ryy_nX8: Error getting validation data

Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet.

How can we verify this? My 80 and 443 ports are is open though

EDIT: I correct myself, port 80 was needed in order to do the renewal and i decided to disabled it once i generated my previous certificates.
Now it works

<!-- gh-comment-id:870273094 --> @maxdd commented on GitHub (Jun 29, 2021): No i'm not. I would say the first thing we should investigate is ``` Fetching http://**************/.well-known/acme-challenge/uzCFoWkEQTkfpP8VQEl3v1CR_VxonuXBssS-Ryy_nX8: Error getting validation data Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet. ``` How can we verify this? My ~~80 and~~ 443 port~~s~~ ~~are~~ is open though EDIT: I correct myself, port 80 was needed in order to do the renewal and i decided to disabled it once i generated my previous certificates. Now it works

kerem commented 2026-02-26 06:35:20 +03:00

Author

Owner

Copy link

@smachi commented on GitHub (Jul 3, 2021):

@maxdd Thanks for the hint!

In my case, port 80 wasn't open and that was the cause. I've just opened it and the certificate renewals are working now :)

<!-- gh-comment-id:873364168 --> @smachi commented on GitHub (Jul 3, 2021): @maxdd Thanks for the hint! In my case, port 80 wasn't open and that was the cause. I've just opened it and the certificate renewals are working now :)

kerem commented 2026-02-26 06:35:20 +03:00

Author

Owner

Copy link

@Haringstad commented on GitHub (Jul 3, 2021):

Fact remains that I use DNS for verification, and I do see the record being
created in DNS, but it still gives an error.
Regards,

Jacco van Koll

On Sat, Jul 3, 2021 at 9:44 AM Salva Machí @.***> wrote:

@maxdd https://github.com/maxdd Thanks for the hint!

In my case, port 80 wasn't open and that was the cause. I've just opened
it and the certificate renewals are working now :)

—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
https://github.com/jc21/nginx-proxy-manager/issues/1208#issuecomment-873364168,
or unsubscribe
https://github.com/notifications/unsubscribe-auth/AB3YEZUGYJCUSE67QHZPPU3TV25XVANCNFSM47MPCCIA
.

<!-- gh-comment-id:873473681 --> @Haringstad commented on GitHub (Jul 3, 2021): Fact remains that I use DNS for verification, and I do see the record being created in DNS, but it still gives an error. Regards, Jacco van Koll On Sat, Jul 3, 2021 at 9:44 AM Salva Machí ***@***.***> wrote: > @maxdd <https://github.com/maxdd> Thanks for the hint! > > In my case, port 80 wasn't open and that was the cause. I've just opened > it and the certificate renewals are working now :) > > — > You are receiving this because you commented. > Reply to this email directly, view it on GitHub > <https://github.com/jc21/nginx-proxy-manager/issues/1208#issuecomment-873364168>, > or unsubscribe > <https://github.com/notifications/unsubscribe-auth/AB3YEZUGYJCUSE67QHZPPU3TV25XVANCNFSM47MPCCIA> > . >

kerem commented 2026-02-26 06:35:20 +03:00

Author

Owner

Copy link

@talesam commented on GitHub (Jul 28, 2021):

I'm facing the same error with myself, I can't renew any certificate. My server has been running for a long time, before I was able to renew, now not anymore.

<!-- gh-comment-id:888422848 --> @talesam commented on GitHub (Jul 28, 2021): I'm facing the same error with myself, I can't renew any certificate. My server has been running for a long time, before I was able to renew, now not anymore. 

kerem commented 2026-02-26 06:35:20 +03:00

Author

Owner

Copy link

@chaptergy commented on GitHub (Jul 28, 2021):

The original author of this issue and others in the thread hat not forwarded port 80 in their router and were able to renew the certificate successfully after opening the port.In order to prevent this issue from becoming a graveyard for various different issues which arise for some people, I'm going to close this issue.

@talesam I have moved your comment to a new issue. You can also open a new one I you would like to be the author of the issue.

<!-- gh-comment-id:888429660 --> @chaptergy commented on GitHub (Jul 28, 2021): The original author of this issue and others in the thread hat not forwarded port 80 in their router and were able to renew the certificate successfully after opening the port.In order to prevent this issue from becoming a graveyard for various different issues which arise for some people, I'm going to close this issue. @talesam I have moved your comment to a new issue. You can also open a new one I you would like to be the author of the issue.

kerem commented 2026-02-26 06:35:20 +03:00

Author

Owner

Copy link

@talesam commented on GitHub (Jul 28, 2021):

O autor original deste problema e outros no chapéu de discussão não encaminharam a porta 80 em seu roteador e foram capazes de renovar o certificado com sucesso após abrir a porta. Para evitar que este problema se torne um cemitério para vários problemas diferentes que surgem para alguns gente, vou encerrar este assunto.

@talesam Mudei seu comentário para um novo problema. Você também pode abrir um novo. Gostaria que fosse o autor do número.

Port 80 is open, that's not it.

<!-- gh-comment-id:888430923 --> @talesam commented on GitHub (Jul 28, 2021): > O autor original deste problema e outros no chapéu de discussão não encaminharam a porta 80 em seu roteador e foram capazes de renovar o certificado com sucesso após abrir a porta. Para evitar que este problema se torne um cemitério para vários problemas diferentes que surgem para alguns gente, vou encerrar este assunto. > > @talesam Mudei seu comentário para um novo problema. Você também pode abrir um novo. Gostaria que fosse o autor do número. Port 80 is open, that's not it. 

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

develop

dependabot/npm_and_yarn/backend/liquidjs-10.25.7

dependabot/npm_and_yarn/frontend/prod-minor-updates-2a16bf3987

dependabot/npm_and_yarn/frontend/dev-patch-updates-754666cf41

dependabot/npm_and_yarn/backend/basic-ftp-5.3.0

dependabot/npm_and_yarn/test/follow-redirects-1.16.0

dependabot/npm_and_yarn/test/axios-1.15.0

dependabot/npm_and_yarn/frontend/lodash-4.18.1

dependabot/npm_and_yarn/backend/lodash-4.18.1

dependabot/npm_and_yarn/test/lodash-4.18.1

dependabot/npm_and_yarn/frontend/vite-7.3.2

dependabot/npm_and_yarn/backend/prod-minor-updates-5ec19a7f21

dependabot/npm_and_yarn/frontend/lodash-es-4.18.1

dependabot/npm_and_yarn/frontend/happy-dom-20.8.9

dependabot/npm_and_yarn/backend/path-to-regexp-8.4.0

dependabot/npm_and_yarn/frontend/picomatch-4.0.4

dependabot/npm_and_yarn/backend/picomatch-2.3.2

dependabot/npm_and_yarn/frontend/yaml-1.10.3

dependabot/npm_and_yarn/test/flatted-3.4.2

dependabot/npm_and_yarn/test/tar-7.5.11

dependabot/npm_and_yarn/frontend/immutable-5.1.5

master

dependabot/npm_and_yarn/test/glob-10.5.0

dependabot/npm_and_yarn/frontend/mdast-util-to-hast-13.2.1

dependabot/npm_and_yarn/test/form-data-4.0.4

v3-abandoned

bump-freedns

openidc

ssl-passthrough-hosts

static-content

v2.14.0

v2.13.7

v2.13.6

v2.13.5

v2.13.4

v2.13.3

v2.13.2

v2.13.1

v2.13.0

v2.12.6

v2.12.5

v2.12.4

v2.12.3

v2.12.2

v2.12.1

v2.12.0

v2.11.3

v2.11.2

v2.11.1

v2.11.0

v2.10.4

v2.10.3

v2.10.2

v2.10.1

v2.10.0

v2.9.22

v2.9.21

v2.9.20

v2.9.19

v2.9.18

v2.9.17

v2.9.16

v2.9.15

v2.9.14

v2.9.13

v2.9.12

v2.9.11

v2.9.10

v2.9.9

v2.9.8

v2.9.7

v2.9.6

v2.9.5

v2.9.4

v2.9.3

v2.9.2

v2.9.1

v2.9.0

v2.8.1

v2.8.0

v2.7.3

v2.7.2

v2.7.1

v2.7.0

v2.6.2

v2.6.1

v2.6.0

v2.5.0

v2.4.0

v2.3.1

v2.3.0

v2.2.4

v2.2.3

v2.2.2

v2.2.1

v2.2.0

v2.1.2

v2.1.1

v2.1.0

2.0.14

2.0.13

2.0.12

2.0.11

2.0.10

2.0.9

2.0.8

2.0.7

2.0.6

2.0.5

2.0.4

2.0.3

2.0.2

2.0.0

v2.0.0

1.1.2

1.1.1

1.0.1

Labels

Clear labels   

awaiting feedback

  

bug

  

cannot reproduce

  

dns provider request

  

duplicate

  

enhancement

  

enhancement

  

enhancement

  

good first issue

  

help wanted

  

invalid

  

need more info

  

no certbot plugin available

  

product-support

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

stale

  

troll

  

upstream issue

  

v2

  

v2

  

v2

  

v3

  

wontfix

No labels

awaiting feedback

bug

cannot reproduce

dns provider request

duplicate

enhancement

enhancement

enhancement

good first issue

help wanted

invalid

need more info

no certbot plugin available

product-support

pull-request

question

stale

troll

upstream issue

v2

v2

v2

v3

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/nginx-proxy-manager-NginxProxyManager#985

No description provided.