Hello Parag,
I think I did it, what I did was to change my port forwarding to
Protocol: TCP
LAN Port: 8888
Public Port: 80
Ans started the Nginx in port 8888, and it worked.
Thank you,
I have the same issue
I installed the addon
on my router I forwarded both public ports 80 and 443 to the IP address where he NPM is installed on my HASS
I am able to login into NPM admin page and change password ets.
I cannot get a Letsencrypt SSL certificate it gives me an internal error and it fails
I set the proxy to forward my duckdns subdomain to my local IP address of the HASS install on port 8123. when I try accessing thru the subdomain without SSL it also fails
Please help If you can.
Maybe its too late but, are you trying from your local ip or your ddns domain? I was doing it from my ddns and allways fail. Use your local ip on nginx dashboard
Hello, I have Unifi System …any help about this will be appreciate !!! thank you. 
Home Assistant at Hyper-V VM, MariaDb with Nginx PM. Dyndns Service
Port Forwarding from 80 to 192.168.1.240:80, 443 to 192.168.1.240:443
Setting:
- NPM MESSAGES
INTERNAL ERROR
Copy to clipboard
Error: Command failed: /usr/bin/certbot certonly --non-interactive --config "/etc/letsencrypt.ini" --cert-name "npm-30" --agree-tos --email "j**********[email protected]" --preferred-challenges "dns,http" --domains "homeassistant.h*****s.org"
Saving debug log to /data/logs/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Performing the following challenges:
http-01 challenge for homeassistant.h*****s.org
Using the webroot path /data/letsencrypt-acme-challenge for all unmatched domains.
Waiting for verification...
Challenge failed for domain homeassistant.h*****s.org
http-01 challenge for homeassistant.h*****s.org
Cleaning up challenges
Some challenges have failed.
at ChildProcess.exithandler (child_process.js:308:12)
at ChildProcess.emit (events.js:315:20)
at maybeClose (internal/child_process.js:1048:16)
at Process.ChildProcess._handle.onexit (internal/child_process.js:288:5)
- HA NPM Reg
Copy to clipboard
[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] permissions: applying...
[fix-attrs.d] permissions: exited 0.
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 00-banner.sh: executing...
-----------------------------------------------------------
Add-on: Nginx Proxy Manager
Manage Nginx proxy hosts with a simple, powerful interface
-----------------------------------------------------------
Add-on version: 0.11.0
You are running the latest version of this add-on.
System: Home Assistant OS 5.13 (amd64 / qemux86-64)
Home Assistant Core: 2021.5.5
Home Assistant Supervisor: 2021.04.3
-----------------------------------------------------------
Please, share the above information when looking for help
or support in, e.g., GitHub, forums or the Discord chat.
-----------------------------------------------------------
[cont-init.d] 00-banner.sh: exited 0.
[cont-init.d] 01-log-level.sh: executing...
[cont-init.d] 01-log-level.sh: exited 0.
[cont-init.d] mysql.sh: executing...
[cont-init.d] mysql.sh: exited 0.
[cont-init.d] nginx.sh: executing...
[cont-init.d] nginx.sh: exited 0.
[cont-init.d] npm.sh: executing...
[cont-init.d] npm.sh: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
[17:53:41] INFO: Starting NGinx...
[17:53:41] INFO: Starting the Manager...
[5/21/2021] [5:53:42 PM] [Migrate ] › ℹ info Current database version: 20210210154703
[5/21/2021] [5:53:42 PM] [IP Ranges] › ℹ info Fetching IP Ranges from online services...
[5/21/2021] [5:53:42 PM] [IP Ranges] › ℹ info Fetching https://ip-ranges.amazonaws.com/ip-ranges.json
[5/21/2021] [5:53:43 PM] [IP Ranges] › ℹ info Fetching https://www.cloudflare.com/ips-v4
[5/21/2021] [5:53:43 PM] [IP Ranges] › ℹ info Fetching https://www.cloudflare.com/ips-v6
[5/21/2021] [5:53:43 PM] [SSL ] › ℹ info Let's Encrypt Renewal Timer initialized
[5/21/2021] [5:53:43 PM] [SSL ] › ℹ info Renewing SSL certs close to expiry...
[5/21/2021] [5:53:43 PM] [IP Ranges] › ℹ info IP Ranges Renewal Timer initialized
[5/21/2021] [5:53:43 PM] [Global ] › ℹ info Backend PID 537 listening on port 3000 ...
[5/21/2021] [5:53:44 PM] [Nginx ] › ℹ info Reloading Nginx
[5/21/2021] [5:53:44 PM] [SSL ] › ℹ info Renew Complete
`QueryBuilder#allowEager` method is deprecated. You should use `allowGraph` instead. `allowEager` method will be removed in 3.0
`QueryBuilder#eager` method is deprecated. You should use the `withGraphFetched` method instead. `eager` method will be removed in 3.0
QueryBuilder#omit is deprecated. This method will be removed in version 3.0
[5/21/2021] [5:54:50 PM] [Nginx ] › ℹ info Reloading Nginx
[5/21/2021] [5:54:50 PM] [SSL ] › ℹ info Requesting Let'sEncrypt certificates for Cert #31: homeassistant.h*****s.org
[5/21/2021] [5:54:56 PM] [Nginx ] › ℹ info Reloading Nginx
[5/21/2021] [5:54:56 PM] [Express ] › ⚠ warning Command failed: /usr/bin/certbot certonly --non-interactive --config "/etc/letsencrypt.ini" --cert-name "npm-31" --agree-tos --email "j**********[email protected]" --preferred-challenges "dns,http" --domains "homeassistant.h*****s.org"
Saving debug log to /data/logs/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Performing the following challenges:
http-01 challenge for homeassistant.h*****s.org
Using the webroot path /data/letsencrypt-acme-challenge for all unmatched domains.
Waiting for verification...
Challenge failed for domain homeassistant.h*****s.org
http-01 challenge for homeassistant.h*****s.org
Cleaning up challenges
Some challenges have failed.
Any idea ?? 
This is exactly what I was looking for! Thank you!
Same problem here…
Did you find a solve?
Thanks
1 Like
Has anyone been able to find a fix for this?
I am still unable to get nginx Proxy manager to work properly… i’m constantly met with errors even when following the directions to the T… can anyone help please?
ui says: Internal Error
log says:
[10/26/2021] [9:08:34 AM] [Nginx ] › ℹ info Reloading Nginx
[10/26/2021] [9:08:34 AM] [SSL ] › ℹ info Renew Complete
`QueryBuilder#allowEager` method is deprecated. You should use `allowGraph` instead. `allowEager` method will be removed in 3.0
`QueryBuilder#eager` method is deprecated. You should use the `withGraphFetched` method instead. `eager` method will be removed in 3.0
QueryBuilder#omit is deprecated. This method will be removed in version 3.0
[10/26/2021] [9:31:50 AM] [Nginx ] › ℹ info Reloading Nginx
[10/26/2021] [9:31:50 AM] [SSL ] › ℹ info Requesting Let'sEncrypt certificates for Cert #1: XXXXredacted.duckdns.org
[10/26/2021] [9:32:03 AM] [Nginx ] › ℹ info Reloading Nginx
[10/26/2021] [9:32:03 AM] [Express ] › ⚠ warning Command failed: /usr/bin/certbot certonly --non-interactive --config "/etc/letsencrypt.ini" --cert-name "npm-1" --agree-tos --email "[email protected]" --preferred-challenges "dns,http" --domains "XXXXredacted.duckdns.org"
Saving debug log to /data/logs/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Performing the following challenges:
http-01 challenge for XXXXredacted.duckdns.org
Using the webroot path /data/letsencrypt-acme-challenge for all unmatched domains.
Waiting for verification...
Challenge failed for domain XXXXredacted.duckdns.org
http-01 challenge for XXXXredacted.duckdns.org
Cleaning up challenges
Some challenges have failed.
Thanks
Did you figure it out?
I’m having the same issues it seems…
Thanks
Same problem for me as well… despite verifying NAT on 443 & 80 ports
Some idea ?
same here. NGINX Proxy Manager tells me “Internal Error” when trying to use SSL.
Complete re-installation of Nginx PM and Maria DB from scratch…
And got a new SSL certificate…
Just take care not using MariaDB elsewhere.
Hi, I solved, oppenin port 80,81,443 in my server and my DNS I gave in zone editor the ip of the computer installed Nginx Proxy Manager
So I came across this because I was getting the Internal Error but looking at Post 5 I realized my problem, which is probably most of the DuckDNS people here’s problem as well.
With DuckDNS you need to set Nginx SSL to Use a DNS Challenge & from the DNS Provider list choose DuckDNS
You then need to login to DuckDNS.org & copy your token to the dns_duckdns_token=your-duckdns-token box so it looks something like dns_duckdns_token=123abc-zyxwv9876-1234-abcd-1a2b3c4d5e
Since I was renewing mine I forgot that & I’m guessing those here did as well. Any future lookers as well, since there wasn’t a solution yet hope it helps
4 Likes
Just ran into this problem and this solution worked 3 times in a row
delete the SSL cert under ‘SSL certificates’
go back to ‘proxy hosts’ and edit the offending proxy host
goto ‘SSL’ and ‘request a new SSL certificate’, enter email address and agree to the terms … that’s it … don’t use ‘force SSL’ or anything else … click save
3 times in a row I got new cert and no internal error
then go back into offending Proxy host and edit again … I was then able to add ‘force ssl’, ‘HTTP/2 support’ etc
loaded into my browser and no SSL errors
hope this helps someone
2 Likes
OMG
Thank you so much for this
Been trying things for hours
SERIOUSLY … WHY is this not in the notes for this addon
Thanks Buddy! Saved the day.
I was able to fix this by setting another port than 80 on the addon.
(emulated_hue must run on port 80 for alexa to find it)
I forwarded the other port to WAN 80 and was able to get a ssl cert.
That took me around 3 days…
I was so focused on the freakin Port 443 to 8123 that I didn’t even realize this could be the problem.
Thanks, this works perfect for me!
since i ran into the same problem running Home Assistant in Docker, here is what helped:
- disable force SSL in SSL cert settings
- renew SSL cert
- enable force SSL
maybe this helps sb.
1 Like
Not sure what happened on my end - access to duckdns stopped last night and logs showed new issues with SSL. Recreating the cert in NGINX was the fix. For some reason the add-on data was wiped (my saved login wouldn’t work). I had to use the initial login (example/change me), then set everything up from scratch. Since it had been a couple years since my initial setup (and without failure in that time!), the reminder to add the challenge for DuckDNS was very helpful.
Since this may help someone out: Following the quick video on the add-on Info page, one hangup I had was that after creating the proxy host and clicking on the link, it would not load HA for me to log in. The link was using https when it needed to be http (since there is no cert). After logging in through http://mydomain, I was able to go back and successfully make a new SSL cert to get my site back up and running.