foto2004
Goto Top

Nginx proxy manager erneuert keine Zertifikate mehr

Hallo Gemeinde,

ich habe da ein etwas größeres (zumindest für mich) Problem. Ich kann keine Zertifikate über den nginx proxy Manager erneuern er kommt immer wieder mit einem internen Fehler auch wen ich den proxy Manager neu aufsetze kommt die selbe Meldung. Was habe ich übersehen oder was mache ich da falsch? Es hatte eine ganze Weile funktioniert auch das mit den Erneuerungen aber seit März mag er nicht mehr.

Content-ID: 5639111152

Url: https://administrator.de/contentid/5639111152

Ausgedruckt am: 19.12.2024 um 06:12 Uhr

9697748851
9697748851 07.05.2024 um 05:57:39 Uhr
Goto Top
Hi.

einem internen Fehler
Ah, achsooo, ja dann musst Du einfach nur das tun:


Gruß
gammelobst
gammelobst 07.05.2024 um 09:36:52 Uhr
Goto Top
Hallo,

evtl. hilft es einen Tee zu trinken.
Oder vielleicht irgendwelche sachdienlichen Informationen?


cya
9697748851
9697748851 07.05.2024 um 10:48:57 Uhr
Goto Top
sachdienlichen Informationen?
Du erwartest Sachen.. das wäre doch dann viel zu einfach.. :/
Dani
Dani 07.05.2024 aktualisiert um 12:24:39 Uhr
Goto Top
Moin,
Was habe ich übersehen oder was mache ich da falsch?
was steht dem im Logfile des NPM bzw. des Docker Containers (docker compose logs -f)?

Es hatte eine ganze Weile funktioniert auch das mit den Erneuerungen aber seit März mag er nicht mehr.
Und was hat sich seit März an deiner Umgebung geändert?


Gruß,
Dani
foto2004
foto2004 08.05.2024 um 17:03:29 Uhr
Goto Top
im Log vom Portainer steht:
6 renew failure(s), 0 parse failure(s)
at ChildProcess.exithandler (node:child_process:402:12)
at ChildProcess.emit (node:events:513:28)
at maybeClose (node:internal/child_process:1100:16)
at Process.ChildProcess._handle.onexit (node:internal/child_process:304:5)
[5/8/2024] [12:00:48 PM] [SSL ] › ℹ info Renewing SSL certs close to expiry...
[5/8/2024] [12:04:03 PM] [SSL ] › ✖ error Error: Command failed: certbot renew --non-interactive --quiet --config "/etc/letsencrypt.ini" --preferred-challenges "dns,http" --disable-hook-validation
Failed to renew certificate npm-1 with error: Some challenges have failed.
Failed to renew certificate npm-19 with error: Some challenges have failed.
Failed to renew certificate npm-2 with error: Some challenges have failed.
Failed to renew certificate npm-3 with error: Some challenges have failed.
Failed to renew certificate npm-6 with error: Some challenges have failed.
Failed to renew certificate npm-7 with error: Some challenges have failed.
All renewals failed. The following certificates could not be renewed:
/etc/letsencrypt/live/npm-1/fullchain.pem (failure)
/etc/letsencrypt/live/npm-19/fullchain.pem (failure)
/etc/letsencrypt/live/npm-2/fullchain.pem (failure)
/etc/letsencrypt/live/npm-3/fullchain.pem (failure)
/etc/letsencrypt/live/npm-6/fullchain.pem (failure)
/etc/letsencrypt/live/npm-7/fullchain.pem (failure)
6 renew failure(s), 0 parse failure(s)
at ChildProcess.exithandler (node:child_process:402:12)
at ChildProcess.emit (node:events:513:28)
at maybeClose (node:internal/child_process:1100:16)
at Process.ChildProcess._handle.onexit (node:internal/child_process:304:5)
[5/8/2024] [1:00:48 PM] [SSL ] › ℹ info Renewing SSL certs close to expiry...
[5/8/2024] [1:04:57 PM] [SSL ] › ✖ error Error: Command failed: certbot renew --non-interactive --quiet --config "/etc/letsencrypt.ini" --preferred-challenges "dns,http" --disable-hook-validation
Failed to renew certificate npm-1 with error: Some challenges have failed.
Failed to renew certificate npm-19 with error: Some challenges have failed.
Failed to renew certificate npm-2 with error: Some challenges have failed.
Failed to renew certificate npm-3 with error: Some challenges have failed.
Failed to renew certificate npm-6 with error: Some challenges have failed.
Failed to renew certificate npm-7 with error: Some challenges have failed.
All renewals failed. The following certificates could not be renewed:
/etc/letsencrypt/live/npm-1/fullchain.pem (failure)
/etc/letsencrypt/live/npm-19/fullchain.pem (failure)
/etc/letsencrypt/live/npm-2/fullchain.pem (failure)
/etc/letsencrypt/live/npm-3/fullchain.pem (failure)
/etc/letsencrypt/live/npm-6/fullchain.pem (failure)
/etc/letsencrypt/live/npm-7/fullchain.pem (failure)
6 renew failure(s), 0 parse failure(s)
at ChildProcess.exithandler (node:child_process:402:12)
at ChildProcess.emit (node:events:513:28)
at maybeClose (node:internal/child_process:1100:16)
at Process.ChildProcess._handle.onexit (node:internal/child_process:304:5)
[5/8/2024] [2:00:48 PM] [SSL ] › ℹ info Renewing SSL certs close to expiry...
[5/8/2024] [2:00:48 PM] [IP Ranges] › ℹ info Fetching IP Ranges from online services...
[5/8/2024] [2:00:48 PM] [IP Ranges] › ℹ info Fetching https://ip-ranges.amazonaws.com/ip-ranges.json
[5/8/2024] [2:00:48 PM] [IP Ranges] › ℹ info Fetching https://www.cloudflare.com/ips-v4
[5/8/2024] [2:00:49 PM] [IP Ranges] › ℹ info Fetching https://www.cloudflare.com/ips-v6
[5/8/2024] [2:00:49 PM] [Nginx ] › ℹ info Reloading Nginx
[5/8/2024] [2:08:50 PM] [SSL ] › ✖ error Error: Command failed: certbot renew --non-interactive --quiet --config "/etc/letsencrypt.ini" --preferred-challenges "dns,http" --disable-hook-validation
Failed to renew certificate npm-1 with error: Some challenges have failed.
Failed to renew certificate npm-19 with error: Some challenges have failed.
Failed to renew certificate npm-2 with error: Some challenges have failed.
Failed to renew certificate npm-3 with error: Some challenges have failed.
Failed to renew certificate npm-6 with error: Some challenges have failed.
Failed to renew certificate npm-7 with error: Some challenges have failed.
All renewals failed. The following certificates could not be renewed:
/etc/letsencrypt/live/npm-1/fullchain.pem (failure)
/etc/letsencrypt/live/npm-19/fullchain.pem (failure)
/etc/letsencrypt/live/npm-2/fullchain.pem (failure)
/etc/letsencrypt/live/npm-3/fullchain.pem (failure)
/etc/letsencrypt/live/npm-6/fullchain.pem (failure)
/etc/letsencrypt/live/npm-7/fullchain.pem (failure)
6 renew failure(s), 0 parse failure(s)
at ChildProcess.exithandler (node:child_process:402:12)
at ChildProcess.emit (node:events:513:28)
at maybeClose (node:internal/child_process:1100:16)
at Process.ChildProcess._handle.onexit (node:internal/child_process:304:5)


Und was hat sich seit März an deiner Umgebung geändert?
nein ich wüste nichts was sich geändert hat
Dani
Dani 09.05.2024 um 09:30:09 Uhr
Goto Top
Moin,
Failed to renew certificate npm-1 with error: Some challenges have failed.
Prüfe doch einmal das verwendete Challenge Verfahren. Wenn du z.B. HTTP-01 verwendest, ist GeoBlocking oder eine Access-List meistens der Grund warum LE den Server nicht erreichen kann.

certbot renew --non-interactive --quiet --config "/etc/letsencrypt.ini" --preferred-challenges "dns,http" --disable-hook-validation
Ansonsten den Befehl einmal manuell im Container ausführen. Wobei ich den Parameter --quiet weglassen würde.


Gruß,
Dani