[Support] Djoss - Nginx Proxy Manager

[Jimmy]

Hi, I follow your guide on YouTube for reverse proxy with Nginx Proxy Manager and I can't get the certification from Let'sEncrypt. When I look at the status of my proxy host, it said online but when I try to make the ssl certificate it said internal error. I'm new with this and hope someone can help me with that. PS I don't have the Let'sEncrypt log in my tmp.

 

[JCM]

On 12/29/2023 at 12:46 PM, Ptolemyiv said:

Am getting a certbot route53 error again in the logs and am unable to log in to the gui (since itself relies on ssl certificate!) - log is showing the following repeatedly:

 

[app         ] [12/29/2023] [11:33:43 AM] [Global   ] › ✖  error     Command failed: pip install --no-cache-dir certbot-dns-route53==$(certbot --version | grep -Eo '[0-9](\.[0-9]+)+') 
[app         ] The 'certbot_dns_route53.authenticator' plugin errored while loading: cannot import name 'DEFAULT_CIPHERS' from 'urllib3.util.ssl_' (/usr/lib/python3.10/site-packages/urllib3/util/ssl_.py). You may need to remove or update this plugin. The Certbot log will contain the full error details and this should be reported to the plugin developer.
[app         ] Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /tmp/certbot-log-ul_q9vn7/log or re-run Certbot with -v for more details.
[app         ] ERROR: Could not find a version that satisfies the requirement certbot-dns-route53== (from versions: 0.15.0.dev0, 0.15.0, 0.16.0, 0.17.0, 0.18.0, 0.18.1, 0.18.2, 0.19.0, 0.20.0, 0.21.0, 0.21.1, 0.22.0, 0.22.1, 0.22.2, 0.23.0, 0.24.0, 0.25.0, 0.25.1, 0.26.0, 0.26.1, 0.27.0, 0.27.1, 0.28.0, 0.29.0, 0.29.1, 0.30.0, 0.30.1, 0.30.2, 0.31.0, 0.32.0, 0.33.0, 0.33.1, 0.34.0, 0.34.1, 0.34.2, 0.35.0, 0.35.1, 0.36.0, 0.37.0, 0.37.1, 0.37.2, 0.38.0, 0.39.0, 0.40.0, 0.40.1, 1.0.0, 1.1.0, 1.2.0, 1.3.0, 1.4.0, 1.5.0, 1.6.0, 1.7.0, 1.8.0, 1.9.0, 1.10.0, 1.10.1, 1.11.0, 1.12.0, 1.13.0, 1.14.0, 1.15.0, 1.16.0, 1.17.0, 1.18.0, 1.19.0, 1.20.0, 1.21.0, 1.22.0, 1.23.0, 1.24.0, 1.25.0, 1.26.0, 1.27.0, 1.28.0, 1.29.0, 1.30.0, 1.31.0, 1.32.0, 2.0.0, 2.1.0, 2.2.0, 2.3.0, 2.4.0, 2.5.0, 2.6.0, 2.7.0, 2.7.1, 2.7.2, 2.7.3, 2.7.4, 2.8.0)
[app         ] ERROR: No matching distribution found for certbot-dns-route53==
[app         ] [12/29/2023] [11:33:44 AM] [Migrate  ] › ℹ  info      Current database version: none

 

Unfortunately the fix before doesn't seem to be working - anyone know how to fix this once and for all? (may be a recent update issue since only just started reoccurring again)

 

EDIT: So the only way I was able to fix this error was to run the following command and download urllib manually:

pip install 'urllib3<2'

 

Nginx Proxy Manager then loaded and unsuccessfully failed to auto-renew the certificates - after this, I was able to manually renew the certificates from the UI.

 

Strangely, if I reboot the container than the original error re-occurs and I have to manually execute the above command again...

 

Anyone else encountering the same or can suggest a permanent fix? Many thanks

 

 

 

I have the exact same issue and your fix helped me successfully renew my certificates manually. Sadly I have no permanent solution for this. I will take a look into this again in May 😉

[hathi_ndg]

On 12/30/2019 at 1:55 PM, Djoss said:

Since you are not using the "Bridge" network type, the UI should be reachable over port 8181.  In your case you probably need to use http://192.168.2.5:8181

 

It's been a while, but have you found a solution?

[nealhead]

This is also now broken for me with generic "Internal Error"

[costind]

Hi all, I thiink I may have found a sollution to generate a certificate.

Instead of renew, go to the Add SSL certificate option, Let's encrypt and select use a DNS challange.

Enter your DNS provider, in my case Duckdns and the token that you have when you log in to duckdns page.

It generated a new cert. Make sure you backup your existing one by downloading it, delete the old cert and config the redirect by selecting the new cert. An easy way to tell which one is the new one is by looking at ethe expiry date.

Hope it helps.