Trying to create SSL certificate with Nginx Proxy Manager - Getting "Internal error"

I’m trying to create a certificate for my HA instance with the Nginx Proxy Manager add-on but I get “Internal error” when I use the “Request a new SSL Certificate” feature. Looking at the logs, this is what i get

[1/16/2021] [1:35:24 PM] [Nginx    ] › ℹ  info      Reloading Nginx
[1/16/2021] [1:35:24 PM] [SSL      ] › ℹ  info      Requesting Let'sEncrypt certificates for Cert #8: domain.com
[1/16/2021] [1:35:28 PM] [Nginx    ] › ℹ  info      Reloading Nginx
[1/16/2021] [1:35:28 PM] [Express  ] › ⚠  warning   Command failed: /usr/bin/certbot certonly --non-interactive --config "/etc/letsencrypt.ini" --cert-name "npm-8" --agree-tos --email "[email protected]" --preferred-challenges "dns,http" --domains "domain.com" 
Saving debug log to /data/logs/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for domain.com
Using the webroot path /data/letsencrypt-acme-challenge for all unmatched domains.
Waiting for verification...
Challenge failed for domain domain.com
http-01 challenge for domain.com
Cleaning up challenges
Some challenges have failed.

Any ideas?

EDIT : Email and domain replaced with placeholders in log output

I am having the same exact issue. were you able to solve it?
I have the same issue
I installed the addon
on my router I forwarded both public ports 80 and 443 to the IP address where he NPM is installed on my HASS
I am able to login into NPM admin page and change password ets.
I cannot get a Letsencrypt SSL certificate it gives me an internal error and it fails
I set the proxy to forward my duckdns subdomain to my local IP address of the HASS install on port 8123. when I try accessing thru the subdomain without SSL it also fails
Please help If you can.

I gave up on using Nginx Proxy Manager. I instead now use the DuckDNS addon and use the NGINX Home Assistant SSL proxy add on too and this seems to work for me… SSL when accessing HA from outside, and non SSL when using internal network

Hello, I have Unifi System …any help about this will be appreciate !!! thank you.

Home Assistant at Hyper-V VM, MariaDb with Nginx PM. Dyndns Service

Port Forwarding from 80 to 192.168.1.240:80, 443 to 192.168.1.240:443

Setting:

• NPM MESSAGES

INTERNAL ERROR

Copy to clipboard

Error: Command failed: /usr/bin/certbot certonly --non-interactive --config "/etc/letsencrypt.ini" --cert-name "npm-30" --agree-tos --email "j**********[email protected]" --preferred-challenges "dns,http" --domains "homeassistant.h*****s.org" 
Saving debug log to /data/logs/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Performing the following challenges:
http-01 challenge for homeassistant.h*****s.org
Using the webroot path /data/letsencrypt-acme-challenge for all unmatched domains.
Waiting for verification...
Challenge failed for domain homeassistant.h*****s.org
http-01 challenge for homeassistant.h*****s.org
Cleaning up challenges
Some challenges have failed.

    at ChildProcess.exithandler (child_process.js:308:12)
    at ChildProcess.emit (events.js:315:20)
    at maybeClose (internal/child_process.js:1048:16)
    at Process.ChildProcess._handle.onexit (internal/child_process.js:288:5)

• HA NPM Reg

Copy to clipboard

[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] permissions: applying... 
[fix-attrs.d] permissions: exited 0.
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 00-banner.sh: executing... 
-----------------------------------------------------------
 Add-on: Nginx Proxy Manager
 Manage Nginx proxy hosts with a simple, powerful interface
-----------------------------------------------------------
 Add-on version: 0.11.0
 You are running the latest version of this add-on.
 System: Home Assistant OS 5.13  (amd64 / qemux86-64)
 Home Assistant Core: 2021.5.5
 Home Assistant Supervisor: 2021.04.3
-----------------------------------------------------------
 Please, share the above information when looking for help
 or support in, e.g., GitHub, forums or the Discord chat.
-----------------------------------------------------------
[cont-init.d] 00-banner.sh: exited 0.
[cont-init.d] 01-log-level.sh: executing... 
[cont-init.d] 01-log-level.sh: exited 0.
[cont-init.d] mysql.sh: executing... 
[cont-init.d] mysql.sh: exited 0.
[cont-init.d] nginx.sh: executing... 
[cont-init.d] nginx.sh: exited 0.
[cont-init.d] npm.sh: executing... 
[cont-init.d] npm.sh: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
[17:53:41] INFO: Starting NGinx...
[17:53:41] INFO: Starting the Manager...
[5/21/2021] [5:53:42 PM] [Migrate  ] › ℹ  info      Current database version: 20210210154703
[5/21/2021] [5:53:42 PM] [IP Ranges] › ℹ  info      Fetching IP Ranges from online services...
[5/21/2021] [5:53:42 PM] [IP Ranges] › ℹ  info      Fetching https://ip-ranges.amazonaws.com/ip-ranges.json
[5/21/2021] [5:53:43 PM] [IP Ranges] › ℹ  info      Fetching https://www.cloudflare.com/ips-v4
[5/21/2021] [5:53:43 PM] [IP Ranges] › ℹ  info      Fetching https://www.cloudflare.com/ips-v6
[5/21/2021] [5:53:43 PM] [SSL      ] › ℹ  info      Let's Encrypt Renewal Timer initialized
[5/21/2021] [5:53:43 PM] [SSL      ] › ℹ  info      Renewing SSL certs close to expiry...
[5/21/2021] [5:53:43 PM] [IP Ranges] › ℹ  info      IP Ranges Renewal Timer initialized
[5/21/2021] [5:53:43 PM] [Global   ] › ℹ  info      Backend PID 537 listening on port 3000 ...
[5/21/2021] [5:53:44 PM] [Nginx    ] › ℹ  info      Reloading Nginx
[5/21/2021] [5:53:44 PM] [SSL      ] › ℹ  info      Renew Complete
`QueryBuilder#allowEager` method is deprecated. You should use `allowGraph` instead. `allowEager` method will be removed in 3.0
`QueryBuilder#eager` method is deprecated. You should use the `withGraphFetched` method instead. `eager` method will be removed in 3.0
QueryBuilder#omit is deprecated. This method will be removed in version 3.0
[5/21/2021] [5:54:50 PM] [Nginx    ] › ℹ  info      Reloading Nginx
[5/21/2021] [5:54:50 PM] [SSL      ] › ℹ  info      Requesting Let'sEncrypt certificates for Cert #31: homeassistant.h*****s.org
[5/21/2021] [5:54:56 PM] [Nginx    ] › ℹ  info      Reloading Nginx
[5/21/2021] [5:54:56 PM] [Express  ] › ⚠  warning   Command failed: /usr/bin/certbot certonly --non-interactive --config "/etc/letsencrypt.ini" --cert-name "npm-31" --agree-tos --email "j**********[email protected]" --preferred-challenges "dns,http" --domains "homeassistant.h*****s.org" 
Saving debug log to /data/logs/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Performing the following challenges:
http-01 challenge for homeassistant.h*****s.org
Using the webroot path /data/letsencrypt-acme-challenge for all unmatched domains.
Waiting for verification...
Challenge failed for domain homeassistant.h*****s.org
http-01 challenge for homeassistant.h*****s.org
Cleaning up challenges
Some challenges have failed.

Any idea ??

I’m on ubi hardware. Adguard was what I was able to get working for me. You have to set a dns rewrite then forward 443 to 443 of your HA instance.

I’m have the same problem here with "Internal error” when I use the “Request a new SSL Certificate”. Has this been resolved ?

Same problem with internal error… Any solves?

Using unifi system, port 80 fwd to 80 on HA ip same with 443

Had duckdns addon but seems like it’s not needed? Tried without same issue.

Challenge failed in nginx logs…

Any help is appreciated!