March 18Mar 18 Not yet, need to get back from work before I can see if anything was written to it, although not holding out much hope after seeing this line in my logs.error Saving debug log to /data/logs/letsencrypt.log
March 18Mar 18 Author 6 minutes ago, ropes said:Not yet, need to get back from work before I can see if anything was written to it, although not holding out much hope after seeing this line in my logs.error Saving debug log to /data/logs/letsencrypt.logThe message is confusing, but it doesn't tell that it failed to write to log file. Instead, an error occurred and because of that debug has been saved to the log file.
March 18Mar 18 That error message was due to user error, had some older legacy certs for some critical containers that I kept around when migrating to the CF origin cert.My lazy behind never went back in to tidy these up once the origin certificate was fully tested and confirmed as working.Removing these older certs in the NPM dashboard, under Certificates menu, has completely removed the errors from my logs.TL;DR - Certbot tried HTTP validation > Cloudflare intercepted > ACME challenge not exposed due to Cloudflare proxy > Validation failed
March 19Mar 19 CA store just showed a new update for the container and it looks like that fixed the 525 error/TLS proxy issue for me. I just had to open the config menu and click save for each of the proxy hosts. Edited March 19Mar 19 by daedalusesq
June 10Jun 10 Certs with the "Let's Encrypt – route53" provider are not renewing or being created (shows 'Internal Error' when attempting). Based on the logs, the Route53 plugin seems broken:[app ] [6/10/2026] [11:20:48 AM] [SSL ] › ℹ info Renewing SSL certs expiring within 30 days ...[app ] [6/10/2026] [11:20:48 AM] [SSL ] › ℹ info Renewing LetsEncrypt certificates via Route 53 (Amazon) for Cert #41: [omitted][app ] [6/10/2026] [11:20:48 AM] [SSL ] › ℹ info Command: certbot-dns-route53 renew --force-renewal --config /etc/letsencrypt.ini --work-dir /tmp/letsencrypt-lib --logs-dir /data/logs --cert-name npm-41 --preferred-challenges dns --disable-hook-validation --no-random-sleep-on-renew[app ] [6/10/2026] [11:20:49 AM] [SSL ] › ✖ error The 'certbot_dns_route53._internal.dns_route53' plugin errored while loading: No module named 'botocore.docs'. You may need to remove or update this plugin. The Certbot log will contain the full error details and this should be reported to the plugin developer.Route53 certs with the "Let's Encrypt" provider seem to still be renewing ok. Updating the dependencies with:/opt/certbot/certbot/bin/python3 -m pip install --upgrade --force-reinstall \> 'certbot-dns-route53==5.3.1' boto3 botocoreSeems to work for a manual renewal but is only a temporary workaround until the container gets updated.
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.