ACME error - Could not find solver for: tls-alpn-01

[Green2Matter]

Describe the bug
Not able to create SSL certificate using builtin ACME client

To Reproduce
Steps to reproduce the behavior:

1. Configure DNS credentials (OVH - ovh-eu, all keys provided and work correctly in other instances)
2. Go to 'Certificates List'
3. Click on 'Issue wildcard cert.'
4. Log:

Getting the certificate, please wait...

2024/05/24 19:38:29 [INFO] [Nginx UI] Preparing lego configurations

2024/05/24 19:38:29 [INFO] [Nginx UI] ACME User: System Initial User, Email: [email protected], CA Dir: https://acme-v02.api.letsencrypt.org/directory

2024/05/24 19:38:29 [INFO] [Nginx UI] Creating client facilitates communication with the CA server

2024/05/24 19:38:29 [INFO] [Nginx UI] Setting DNS01 challenge provider

2024/05/24 19:38:29 [INFO] [Nginx UI] Setting environment variables

2024/05/24 19:38:29 [INFO] [Nginx UI] Obtaining certificate

2024/05/24 19:38:29 [INFO] [*.domain.com, domain.com] acme: Obtaining bundled SAN certificate

2024/05/24 19:38:31 [INFO] [*.domain.com] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/1111111111111111

2024/05/24 19:38:31 [INFO] [domain.com] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/2222222222222

2024/05/24 19:38:31 [INFO] [*.domain.com] acme: use dns-01 solver

2024/05/24 19:38:31 [INFO] [domain.com] acme: Could not find solver for: tls-alpn-01

2024/05/24 19:38:31 [INFO] [domain.com] acme: Could not find solver for: http-01

2024/05/24 19:38:31 [INFO] [domain.com] acme: use dns-01 solver

2024/05/24 19:38:31 [INFO] [*.domain.com] acme: Preparing to solve DNS-01

2024/05/24 19:38:31 [INFO] Found CNAME entry for "_acme-challenge.domain.com.": "domain.com."

2024/05/24 19:38:31 [INFO] [domain.com] acme: Preparing to solve DNS-01

2024/05/24 19:38:31 [INFO] Found CNAME entry for "_acme-challenge.domain.com.": "domain.com."

2024/05/24 19:38:31 [INFO] [*.domain.com] acme: Cleaning DNS-01 challenge

2024/05/24 19:38:31 [INFO] Found CNAME entry for "_acme-challenge.domain.com.": "domain.com."

2024/05/24 19:38:31 [WARN] [*.domain.com] acme: cleaning up failed: ovh: unknown record ID for 'domain.com.'

2024/05/24 19:38:31 [INFO] [domain.com] acme: Cleaning DNS-01 challenge

2024/05/24 19:38:31 [INFO] Found CNAME entry for "_acme-challenge.domain.com.": "domain.com."

2024/05/24 19:38:31 [WARN] [domain.com] acme: cleaning up failed: ovh: unknown record ID for 'domain.com.'

2024/05/24 19:38:31 [INFO] Deactivating auth: https://acme-v02.api.letsencrypt.org/acme/authz-v3/1111111111111111

2024/05/24 19:38:31 [INFO] Deactivating auth: https://acme-v02.api.letsencrypt.org/acme/authz-v3/2222222222222

2024/05/24 19:38:32 [INFO] [Nginx UI] Reloading nginx

obtain certificate error: error: one or more domains had a problem: [*.domain.com] [*.domain.com] acme: error presenting token: ovh: no subdomain because the domain and the zone are identical: domain.com. [domain.com] [domain.com] acme: error presenting token: ovh: no subdomain because the domain and the zone are identical: domain.com.

Expected behavior
Create certificate

Info (please complete the following information):

• Server OS: Proxmox LXC
• Server Arch: x86
• Nginx UI Version: 2.0.0-beta.24 (135)
• Your Browser: Chrome, Safari

[0xJacky]

no subdomain because the domain and the zone are identical: domain.com.

It seems that the error is returned by the dns provider, have you try to issue the certificate again, or try another dns prodiver?

[Green2Matter]

no subdomain because the domain and the zone are identical: domain.com.

It seems that the error is returned by the dns provider, have you try to issue the certificate again, or try another dns prodiver?

I've installed acme.sh and got certificate (using same API keys) after issuing:
acme.sh --issue -d domain.com -d '*.domain.com' --dns dns_ovh --server letsencrypt --keylength ec-384
To me it looks like nginxui acme client doesn't submit correctly either keys or domain while sending request...

[0xJacky]

You can try https://github.com/go-acme/lego with CLI mode, in nginxui we use this tool to obtain certificate, if the problem still exists maybe we should turn to the author of that project for help.

[Green2Matter]

What version of lego package do you use? In debian there's available lego/stable 4.9.1-1 amd64.
When I have spare time, I'll try to install and test it...

[0xJacky]

v4.16.1

[Green2Matter]

So, after issuing command:
lego --email [email protected] --dns ovh --domains domain.com --domains *.domain.com run
I received:

2024/05/27 03:26:33 No key found for account [email protected]. Generating a P256 key.
2024/05/27 03:26:33 Saved key to /root/.lego/accounts/acme-v02.api.letsencrypt.org/[email protected]/keys/[email protected]
2024/05/27 03:26:34 Please review the TOS at https://letsencrypt.org/documents/LE-SA-v1.4-April-3-2024.pdf
Do you accept the TOS? Y/n
y
2024/05/27 03:26:36 [INFO] acme: Registering account for [email protected]
!!!! HEADS UP !!!!

Your account credentials have been saved in your Let's Encrypt
configuration directory at "/root/.lego/accounts".

You should make a secure backup of this folder now. This
configuration directory will also contain certificates and
private keys obtained from Let's Encrypt so making regular
backups of this folder is ideal.
2024/05/27 03:26:37 [INFO] [domain.com, *.domain.com] acme: Obtaining bundled SAN certificate
2024/05/27 03:26:37 [INFO] [*.domain.com] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/355956570702
2024/05/27 03:26:37 [INFO] [domain.com] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/355956570712
2024/05/27 03:26:37 [INFO] [*.domain.com] acme: use dns-01 solver
2024/05/27 03:26:37 [INFO] [domain.com] acme: Could not find solver for: tls-alpn-01
2024/05/27 03:26:37 [INFO] [domain.com] acme: Could not find solver for: http-01
2024/05/27 03:26:37 [INFO] [domain.com] acme: use dns-01 solver
2024/05/27 03:26:37 [INFO] [*.domain.com] acme: Preparing to solve DNS-01
2024/05/27 03:26:38 [INFO] Found CNAME entry for "_acme-challenge.domain.com.": "domain.com."
2024/05/27 03:26:38 [INFO] [domain.com] acme: Preparing to solve DNS-01
2024/05/27 03:26:38 [INFO] Found CNAME entry for "_acme-challenge.domain.com.": "domain.com."
2024/05/27 03:26:38 [INFO] [*.domain.com] acme: Trying to solve DNS-01
2024/05/27 03:26:38 [INFO] Found CNAME entry for "_acme-challenge.domain.com.": "domain.com."
2024/05/27 03:26:38 [INFO] [*.domain.com] acme: Checking DNS record propagation using [1.1.1.1:53]
2024/05/27 03:26:40 [INFO] Wait for propagation [timeout: 1m0s, interval: 2s]
2024/05/27 03:26:47 [INFO] [*.domain.com] The server validated our request
2024/05/27 03:26:47 [INFO] [domain.com] acme: Trying to solve DNS-01
2024/05/27 03:26:47 [INFO] Found CNAME entry for "_acme-challenge.domain.com.": "domain.com."
2024/05/27 03:26:47 [INFO] [domain.com] acme: Checking DNS record propagation using [1.1.1.1:53]
2024/05/27 03:26:49 [INFO] Wait for propagation [timeout: 1m0s, interval: 2s]
2024/05/27 03:26:57 [INFO] [domain.com] The server validated our request
2024/05/27 03:26:57 [INFO] [*.domain.com] acme: Cleaning DNS-01 challenge
2024/05/27 03:26:57 [INFO] Found CNAME entry for "_acme-challenge.domain.com.": "domain.com."
2024/05/27 03:26:57 [INFO] [domain.com] acme: Cleaning DNS-01 challenge
2024/05/27 03:26:57 [INFO] Found CNAME entry for "_acme-challenge.domain.com.": "domain.com."
2024/05/27 03:26:57 [INFO] [domain.com, *.domain.com] acme: Validations succeeded; requesting certificates
2024/05/27 03:26:58 [INFO] [domain.com] Server responded with a certificate.

Thus, it seems like issue is within nginxui...

[DekFTW]

I'm unable to get wildcard certificates, too. But they worked in the past with nginx-ui.

[0xJacky]

I'm unable to get wildcard certificates, too. But they worked in the past with nginx-ui.

Please provide the logs, thanks!

[Green2Matter]

I will add also that dashboard's graphs (CPU and Network) aren't refreshed properly:

Graphs are visible only on page load and after a few seconds - with first auto refresh, they are gone...

[0xJacky]

Did you use nginx to proxy the nginx-ui?

[0xJacky]

I will add also that dashboard's graphs (CPU and Network) aren't refreshed properly: Graphs are visible only on page load and after a few seconds - with first auto refresh, they are gone...

This issue is common if the websocket is not available, you can press F12 to open the console of the browser, switch to the Network tab and check if the server send the analytics data through websocket properly.

[0xJacky]

What version of lego package do you use? In debian there's available lego/stable 4.9.1-1 amd64. When I have spare time, I'll try to install and test it...

I will upgrade lego to the latest version(v4.17.3) in next beta verison of nginx-ui, but I can't ensure this will solve your problem.

[Green2Matter]

This issue is common if the websocket is not available, you can press F12 to open the console of the browser, switch to the Network tab and check if the server send the analytics data through websocket properly.

"nodes?token" https status is 101 (switching protocols) and there are empty ("{}") messages sent. Same behaviour is on non proxied (port 9000, raw nginxui data) service as is on proxied https - which uses http2.
"nginx_log?token" has same status (101) and in messages: '{"type":"error","server_idx":null,"directive_idx":null}'
In both cases payload consists of the same token.

[Green2Matter]

"nodes?token" https status is 101 (switching protocols) and there are empty ("{}") messages sent. Same behaviour is on non proxied (port 9000, raw nginxui data) service as is on proxied https - which uses http2. "nginx_log?token" has same status (101) and in messages: '{"type":"error","server_idx":null,"directive_idx":null}' In both cases payload consists of the same token.

Ok, I've re-applied your Nginx config for nginxui and now I receive messages but dashboard graphs (except Disk I/O) remaining empty...
But non proxied (port 9000) doesn't receive any message...

[0xJacky]

Did you try to reinstall nginx-ui? I mean remove the database.db and app.ini in /usr/local/etc/nginx-ui, and use the installation script to reinstall it.

[Green2Matter]

Did you try to reinstall nginx-ui? I mean remove the database.db and app.ini in /usr/local/etc/nginx-ui, and use the installation script to reinstall it.

That's what I did:

root@nginx:~# service nginx-ui stop
root@nginx:~# cd /usr/local/etc/nginx-ui
root@nginx:/usr/local/etc/nginx-ui# mv app.ini app.ini-old
root@nginx:/usr/local/etc/nginx-ui# mv database.db database.db-old
root@nginx:/usr/local/etc/nginx-ui# cd
root@nginx:~# bash <(curl -L -s https://raw.githubusercontent.com/0xJacky/nginx-ui/master/install.sh) remove
Removed "/etc/systemd/system/multi-user.target.wants/nginx-ui.service".
removed: /usr/local/bin/nginx-ui
removed: /etc/systemd/system/nginx-ui.service
removed: /etc/systemd/system/nginx-ui.service.d
You may need to execute a command to remove dependent software: apt purge curl
info: Nginx UI has been removed.
info: If necessary, manually delete the configuration and log files.
info: e.g., /usr/local/etc/nginx-ui ...
root@nginx:~#  ls -l /usr/local/etc/nginx-ui
total 33
-rw-r--r-- 1 root root    983 May 29 13:30 app.ini-old
-rw-r--r-- 1 root root 155648 May 31 04:45 database.db-old
root@nginx:~# bash <(curl -L -s https://raw.githubusercontent.com/0xJacky/nginx-ui/master/install.sh) install
info: Installing Nginx UI v2.0.0-beta.24 for x86_64
Downloading Nginx UI archive: https://github.com/0xJacky/nginx-ui/releases/download/v2.0.0-beta.24/nginx-ui-linux-64.tar.gz
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
100 32.7M  100 32.7M    0     0  22.1M      0  0:00:01  0:00:01 --:--:-- 47.7M
/tmp/tmp.V7yiV6MOdV/nginx-ui-linux-64.tar.gz
info: Extract the Nginx UI package to /tmp/tmp.V7yiV6MOdV and prepare it for installation.
installed: /usr/local/bin/nginx-ui
info: Systemd service files have been installed successfully!
note: The following are the actual parameters for the nginx-ui service startup.
note: Please make sure the configuration file path is correctly set.
# /etc/systemd/system/nginx-ui.service
[Unit]
Description=Yet another WebUI for Nginx
Documentation=https://github.com/0xJacky/nginx-ui
After=network.target

[Service]
Type=simple
ExecStart=/usr/local/bin/nginx-ui -config /usr/local/etc/nginx-ui/app.ini
Restart=on-failure
TimeoutStopSec=5
KillMode=mixed

[Install]
WantedBy=multi-user.target

installed: /etc/systemd/system/nginx-ui.service
removed: /tmp/tmp.V7yiV6MOdV
info: Nginx UI v2.0.0-beta.24 is installed.
info: The default configuration file was installed to '/usr/local/etc/nginx-ui/app.ini' successfully!
note: The following are the current configuration for the nginx-ui.
note: Please change the information if needed.
# /usr/local/etc/nginx-ui/app.ini

[server]
RunMode = release
HttpPort = 9000
HTTPChallengePort = 9180

Created symlink /etc/systemd/system/multi-user.target.wants/nginx-ui.service -> /etc/systemd/system/nginx-ui.service.
info: Start and enable the Nginx UI service.

Content of app.ini:

[server]
RunMode              = release
HttpPort             = 9000
HTTPChallengePort    = 9180
HttpHost             = 0.0.0.0
JwtSecret            = xxxxxxxxx
NodeSecret           = xxxxxxxxxx
Email                = [email protected]
Database             = database
StartCmd             = login
CADir                = 
Demo                 = false
PageSize             = 10
GithubProxy          = 
CertRenewalInterval  = 7
RecursiveNameservers = 
SkipInstallation     = false
Name                 = 

[nginx]
AccessLogPath = 
ErrorLogPath  = 
ConfigDir     = 
PIDPath       = 
TestConfigCmd = 
ReloadCmd     = 
RestartCmd    = 

[openai]
BaseUrl = 
Token   = 
Proxy   = 
Model   = 

[casdoor]
Endpoint     = 
ClientId     = 
ClientSecret = 
Certificate  = 
Organization = 
Application  = 
RedirectUri  = 

[logrotate]
Enabled  = false
CMD      = logrotate /etc/logrotate.d/nginx
Interval = 1440

[cluster]
Node = 

And reinstallation didn't change anything...

[0xJacky]

Did you visit http://ip:port/install in the browser?

[Green2Matter]

Did you visit http://ip:port/install in the browser?

Yes, of course. User and database were created at that step...

root@nginx:/usr/local/etc/nginx-ui# ls -la
total 43
drwxr-xr-x 2 root root      6 Jun  1 09:36 .
drwxr-xr-x 3 root root      3 May 23 21:31 ..
-rw-r--r-- 1 root root    973 Jun  1 09:24 app.ini
-rw-r--r-- 1 root root    983 May 29 13:30 app.ini-old
-rw-r--r-- 1 root root  90112 Jun  1 09:36 database.db
-rw-r--r-- 1 root root 155648 May 31 04:45 database.db-old

[0xJacky]

Hi @Green2Matter, I updated the lego version to v4.17.3 in the nginx UI v2-beta.25, and you can try this version to see if the problem still persists.

[Green2Matter]

Hi @0xJacky unfortunately it didn't help. Still there's the same error...

[0xJacky]

I am sorry about that, can you please provide us the logs of Nginx UI?

By executing the following command:

journalctl -u nginx-ui -f

[Green2Matter]

journalctl -u nginx-ui -f

logs (sanitised) when trying to issue cert:

Jun 24 06:12:03 nginx nginx-ui[387]: 2024-06-24 06:12:03        INFO        cert/auto_cert.go:22        AutoCert Worker Started
Jun 24 06:12:03 nginx nginx-ui[387]: 2024-06-24 06:12:03        INFO        cert/auto_cert.go:27        AutoCert Worker End
Jun 24 12:12:03 nginx nginx-ui[387]: 2024-06-24 12:12:03        INFO        cert/auto_cert.go:22        AutoCert Worker Started
Jun 24 12:12:03 nginx nginx-ui[387]: 2024-06-24 12:12:03        INFO        cert/auto_cert.go:27        AutoCert Worker End
Jun 24 18:12:03 nginx nginx-ui[387]: 2024-06-24 18:12:03        INFO        cert/auto_cert.go:22        AutoCert Worker Started
Jun 24 18:12:03 nginx nginx-ui[387]: 2024-06-24 18:12:03        INFO        cert/auto_cert.go:27        AutoCert Worker End
Jun 25 00:12:03 nginx nginx-ui[387]: 2024-06-25 00:12:03        INFO        cert/auto_cert.go:22        AutoCert Worker Started
Jun 25 00:12:03 nginx nginx-ui[387]: 2024-06-25 00:12:03        INFO        cert/auto_cert.go:27        AutoCert Worker End
Jun 25 06:12:03 nginx nginx-ui[387]: 2024-06-25 06:12:03        INFO        cert/auto_cert.go:22        AutoCert Worker Started
Jun 25 06:12:03 nginx nginx-ui[387]: 2024-06-25 06:12:03        INFO        cert/auto_cert.go:27        AutoCert Worker End
Jun 25 10:14:56 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:56 | 200 |      55.436µs |      172.16.4.2 | GET      "/"
Jun 25 10:14:56 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:56 | 200 |     680.258µs |      172.16.4.2 | GET      "/assets/index-D7b6oCOX.css"
Jun 25 10:14:56 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:56 | 200 |   13.352645ms |      172.16.4.2 | GET      "/assets/index-AXR6aXPC.js"
Jun 25 10:14:56 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:56 | 200 |     215.034µs |      172.16.4.2 | GET      "/assets/Login-pXAgiOu4.js"
Jun 25 10:14:56 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:56 | 200 |      32.266µs |      172.16.4.2 | GET      "/assets/Login-DgMf9qbl.css"
Jun 25 10:14:56 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:56 | 200 |      23.906µs |      172.16.4.2 | GET      "/assets/LeftOutlined-Ce2P0k6Z.js"
Jun 25 10:14:56 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:56 | 200 |     189.883µs |      172.16.4.2 | GET      "/assets/index-CsKV43f_.js"
Jun 25 10:14:56 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:56 | 200 |     235.169µs |      172.16.4.2 | GET      "/assets/hasIn-flFuy7s3.js"
Jun 25 10:14:56 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:56 | 200 |    1.666075ms |      172.16.4.2 | GET      "/favicon.ico"
Jun 25 10:14:56 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:56 | 200 |     199.219µs |      172.16.4.2 | GET      "/assets/isNumeric-DjvBa-1E.js"
Jun 25 10:14:56 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:56 | 200 |    3.672862ms |      172.16.4.2 | GET      "/assets/FormItem-CnNpfPwX.js"
Jun 25 10:14:56 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:56 | 200 |     176.659µs |      172.16.4.2 | GET      "/assets/index-YPwfCjla.js"
Jun 25 10:14:56 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:56 | 200 |       31.18µs |      172.16.4.2 | GET      "/assets/SwitchAppearance-DGf0GoR6.css"
Jun 25 10:14:56 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:56 | 200 |      23.193µs |      172.16.4.2 | GET      "/assets/_plugin-vue_export-helper-DlAUqK2U.js"
Jun 25 10:14:56 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:56 | 200 |     760.322µs |      172.16.4.2 | GET      "/assets/index-BlDJe_3R.js"
Jun 25 10:14:56 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:56 | 200 |    2.454694ms |      172.16.4.2 | GET      "/assets/collapseMotion-Dj1GK1xy.js"
Jun 25 10:14:56 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:56 | 200 |     417.843µs |      172.16.4.2 | GET      "/assets/useState-D9rSTOBz.js"
Jun 25 10:14:56 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:56 | 200 |     574.096µs |      172.16.4.2 | GET      "/assets/index-CUN4yWXM.js"
Jun 25 10:14:56 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:56 | 200 |       26.63µs |      172.16.4.2 | GET      "/assets/install-BkoHTlhi.js"
Jun 25 10:14:56 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:56 | 200 |      770.98µs |      172.16.4.2 | GET      "/assets/index-CTWG0oBz.js"
Jun 25 10:14:56 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:56 | 200 |     133.012µs |      172.16.4.2 | GET      "/assets/auth-Cwz5REn-.js"
Jun 25 10:14:56 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:56 | 200 |    1.572074ms |      172.16.4.2 | GET      "/assets/SwitchAppearance-BxjEh05o.js"
Jun 25 10:14:56 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:56 | 404 |      53.535µs |      172.16.4.2 | GET      "/apple-touch-icon-precomposed.png"
Jun 25 10:14:56 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:56 | 404 |       57.93µs |      172.16.4.2 | GET      "/apple-touch-icon.png"
Jun 25 10:14:56 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:56 | 200 |      68.046µs |      172.16.4.2 | GET      "/api/install"
Jun 25 10:14:56 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:56 | 200 |      26.468µs |      172.16.4.2 | GET      "/api/casdoor_uri"
Jun 25 10:14:59 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:59 | 200 |   85.250676ms |      172.16.4.2 | POST     "/api/login"
Jun 25 10:14:59 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:59 | 200 |     125.324µs |      172.16.4.2 | GET      "/assets/index-CrUgncqQ.js"
Jun 25 10:14:59 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:59 | 200 |        24.8µs |      172.16.4.2 | GET      "/assets/index-kkTyMOmy.js"
Jun 25 10:14:59 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:59 | 200 |       27.44µs |      172.16.4.2 | GET      "/assets/logo-BdBia8CW.js"
Jun 25 10:14:59 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:59 | 200 |     222.098µs |      172.16.4.2 | GET      "/assets/lodash-ftVrFAq9.js"
Jun 25 10:14:59 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:59 | 200 |     811.291µs |      172.16.4.2 | GET      "/assets/BaseLayout-CiTTlrGx.js"
Jun 25 10:14:59 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:59 | 200 |      79.752µs |      172.16.4.2 | GET      "/assets/ngx-CVugmhkh.js"
Jun 25 10:14:59 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:59 | 200 |      27.552µs |      172.16.4.2 | GET      "/assets/constants-DF6Txvz5.js"
Jun 25 10:14:59 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:59 | 200 |       34.26µs |      172.16.4.2 | GET      "/assets/DashBoard-8cUN7Xfw.css"
Jun 25 10:14:59 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:59 | 200 |     126.098µs |      172.16.4.2 | GET      "/assets/index-DUWFthmR.js"
Jun 25 10:14:59 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:59 | 200 |     138.707µs |      172.16.4.2 | GET      "/assets/index-JJ0BknW1.js"
Jun 25 10:14:59 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:59 | 200 |      27.971µs |      172.16.4.2 | GET      "/assets/index-Zen8zohf.js"
Jun 25 10:14:59 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:59 | 200 |      22.354µs |      172.16.4.2 | GET      "/assets/detailRender-DVrqmXun.js"
Jun 25 10:14:59 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:59 | 200 |      19.544µs |      172.16.4.2 | GET      "/assets/curd-B_8ch0Ks.js"
Jun 25 10:14:59 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:59 | 200 |      21.836µs |      172.16.4.2 | GET      "/assets/DeleteOutlined-DcuZKbrY.js"
Jun 25 10:14:59 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:59 | 200 |      84.381µs |      172.16.4.2 | GET      "/assets/index-HUE0II6l.js"
Jun 25 10:14:59 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:59 | 200 |      44.776µs |      172.16.4.2 | GET      "/assets/ActionButton-CY7wxfif.js"
Jun 25 10:14:59 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:59 | 200 |     109.272µs |      172.16.4.2 | GET      "/assets/index-DwXx04dK.js"
Jun 25 10:14:59 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:59 | 200 |    6.713019ms |      172.16.4.2 | GET      "/assets/index-BRcrg3_D.js"
Jun 25 10:14:59 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:59 | 200 |     169.892µs |      172.16.4.2 | GET      "/assets/index-B1P8oy4V.js"
Jun 25 10:14:59 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:59 | 200 |     136.756µs |      172.16.4.2 | GET      "/assets/index-CSNCDUD-.js"
Jun 25 10:14:59 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:59 | 200 |      38.493µs |      172.16.4.2 | GET      "/assets/settings-DhOJc9eO.js"
Jun 25 10:14:59 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:59 | 200 |      47.219µs |      172.16.4.2 | GET      "/assets/BaseLayout-BErBCTjT.css"
Jun 25 10:14:59 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:59 | 200 |      43.242µs |      172.16.4.2 | GET      "/assets/index-DmabSQBv.js"
Jun 25 10:14:59 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:59 | 200 |      173.83µs |      172.16.4.2 | GET      "/assets/dayjs.min-DaMarZRo.js"
Jun 25 10:14:59 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:59 | 200 |      24.172µs |      172.16.4.2 | GET      "/assets/index-1_TWnF2q.js"
Jun 25 10:14:59 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:59 | 200 |      281.79µs |      172.16.4.2 | GET      "/assets/index-DQhXGIG6.js"
Jun 25 10:14:59 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:59 | 200 |       33.67µs |      172.16.4.2 | GET      "/assets/environment-UiV4YWGn.js"
Jun 25 10:14:59 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:59 | 200 |      83.569µs |      172.16.4.2 | GET      "/assets/index-vjO3kc9Z.js"
Jun 25 10:14:59 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:59 | 200 |      40.256µs |      172.16.4.2 | GET      "/assets/Icon-C61jms5X.js"
Jun 25 10:14:59 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:59 | 200 |      40.526µs |      172.16.4.2 | GET      "/assets/vue.runtime.esm-bundler-lcdwRPb9.js"
Jun 25 10:14:59 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:59 | 200 |      86.146µs |      172.16.4.2 | GET      "/assets/index-z3BA0gnK.js"
Jun 25 10:14:59 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:59 | 200 |    7.302564ms |      172.16.4.2 | GET      "/assets/DashBoard-Bs1vWtyV.js"
Jun 25 10:14:59 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:59 | 200 |     792.399µs |      172.16.4.2 | GET      "/api/environments?page=1&enabled=true"
Jun 25 10:14:59 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:59 | 200 |      505.29µs |      172.16.4.2 | GET      "/api/notifications"
Jun 25 10:14:59 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:59 | 200 |     135.061µs |      172.16.4.2 | GET      "/api/settings/server/name"
Jun 25 10:14:59 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:14:59 | 200 |    9.710254ms |      172.16.4.2 | GET      "/api/analytic/init"
Jun 25 10:15:03 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:15:03 | 200 |       34.23µs |      172.16.4.2 | GET      "/assets/Upgrade-DZWGh4ws.css"
Jun 25 10:15:03 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:15:03 | 200 |      77.375µs |      172.16.4.2 | GET      "/assets/index-DC02TOFN.js"
Jun 25 10:15:03 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:15:03 | 200 |     114.514µs |      172.16.4.2 | GET      "/assets/index-C3BfqHqO.js"
Jun 25 10:15:03 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:15:03 | 200 |      23.164µs |      172.16.4.2 | GET      "/assets/version-GMqh7Rd2.js"
Jun 25 10:15:03 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:15:03 | 200 |      68.337µs |      172.16.4.2 | GET      "/assets/Upgrade-BwIZWQds.js"
Jun 25 10:15:03 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:15:03 | 200 |    8.724154ms |      172.16.4.2 | GET      "/assets/marked.esm-5uy4Zm2q.js"
Jun 25 10:15:03 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:15:03 | 200 |  288.211753ms |      172.16.4.2 | GET      "/api/upgrade/release?channel=stable"
Jun 25 10:15:09 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:15:09 | 200 |      56.977µs |      172.16.4.2 | GET      "/assets/cert-BgipgPX_.css"
Jun 25 10:15:09 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:15:09 | 200 |      73.287µs |      172.16.4.2 | GET      "/assets/BaseRouterView-Drne784F.js"
Jun 25 10:15:09 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:15:09 | 200 |      90.283µs |      172.16.4.2 | GET      "/assets/Certificate-17Mm43sT.js"
Jun 25 10:15:09 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:15:09 | 200 |      44.664µs |      172.16.4.2 | GET      "/assets/StdTableTransformer-DJpic_14.js"
Jun 25 10:15:09 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:15:09 | 200 |      73.717µs |      172.16.4.2 | GET      "/assets/index-DJNR0JCO.js"
Jun 25 10:15:09 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:15:09 | 200 |      22.159µs |      172.16.4.2 | GET      "/assets/HolderOutlined-C2ocdpoa.js"
Jun 25 10:15:09 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:15:09 | 200 |      78.213µs |      172.16.4.2 | GET      "/assets/index-DxpySomg.js"
Jun 25 10:15:09 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:15:09 | 200 |      25.998µs |      172.16.4.2 | GET      "/assets/StdTable-Bj9DKRY0.css"
Jun 25 10:15:09 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:15:09 | 200 |      52.249µs |      172.16.4.2 | GET      "/assets/cert-z5Gwc3Wk.js"
Jun 25 10:15:09 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:15:09 | 200 |       22.23µs |      172.16.4.2 | GET      "/assets/dns_credential-BM9cXOEb.js"
Jun 25 10:15:09 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:15:09 | 200 |      19.015µs |      172.16.4.2 | GET      "/assets/Error-V3FjZzuC.js"
Jun 25 10:15:09 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:15:09 | 200 |      15.682µs |      172.16.4.2 | GET      "/assets/Error-BewJlJQW.css"
Jun 25 10:15:09 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:15:09 | 200 |   14.661612ms |      172.16.4.2 | GET      "/assets/StdTable-CLY1kPan.js"
Jun 25 10:15:10 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:15:10 | 200 |      2.1311ms |      172.16.4.2 | GET      "/api/certs?page=1&trash=false"
Jun 25 10:15:16 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:15:16 | 204 |   12.020466ms |      172.16.4.2 | DELETE   "/api/cert/2?permanent=false"
Jun 25 10:15:16 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:15:16 | 200 |     708.068µs |      172.16.4.2 | GET      "/api/certs?page=1&trash=false"
Jun 25 10:15:18 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:15:18 | 200 |     377.028µs |      172.16.4.2 | GET      "/api/certificate/dns_providers"
Jun 25 10:15:40 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:15:40 | 200 |    1.062463ms |      172.16.4.2 | GET      "/api/dns_credentials?provider=OVH"
Jun 25 10:15:47 nginx nginx-ui[387]: 2024-06-25 10:15:47        INFO        cert/logger.go:22        AutoCert 2024/06/25 10:15:47 [INFO] [Nginx UI] Preparing lego configurations
Jun 25 10:15:47 nginx nginx-ui[387]: 2024-06-25 10:15:47        INFO        cert/logger.go:22        AutoCert 2024/06/25 10:15:47 [INFO] [Nginx UI] ACME User: System Initial User, Email: [email protected], CA Dir: https://acme-v02.api.letsencrypt.org/directory
Jun 25 10:15:47 nginx nginx-ui[387]: 2024-06-25 10:15:47        INFO        cert/logger.go:22        AutoCert 2024/06/25 10:15:47 [INFO] [Nginx UI] Creating client facilitates communication with the CA server
Jun 25 10:15:48 nginx nginx-ui[387]: 2024-06-25 10:15:48        INFO        cert/logger.go:22        AutoCert 2024/06/25 10:15:48 [INFO] [Nginx UI] Setting DNS01 challenge provider
Jun 25 10:15:48 nginx nginx-ui[387]: 2024-06-25 10:15:48        INFO        cert/logger.go:22        AutoCert 2024/06/25 10:15:48 [INFO] [Nginx UI] Setting environment variables
Jun 25 10:15:48 nginx nginx-ui[387]: 2024-06-25 10:15:48        INFO        cert/logger.go:22        AutoCert 2024/06/25 10:15:48 [INFO] [Nginx UI] Obtaining certificate
Jun 25 10:15:48 nginx nginx-ui[387]: 2024-06-25 10:15:48        INFO        cert/logger.go:22        AutoCert 2024/06/25 10:15:48 [INFO] [*.domain.com, domain.com] acme: Obtaining bundled SAN certificate
Jun 25 10:15:49 nginx nginx-ui[387]: 2024-06-25 10:15:49        INFO        cert/logger.go:22        AutoCert 2024/06/25 10:15:49 [INFO] [*.domain.com] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/368566661287
Jun 25 10:15:49 nginx nginx-ui[387]: 2024-06-25 10:15:49        INFO        cert/logger.go:22        AutoCert 2024/06/25 10:15:49 [INFO] [domain.com] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/368566661297
Jun 25 10:15:49 nginx nginx-ui[387]: 2024-06-25 10:15:49        INFO        cert/logger.go:22        AutoCert 2024/06/25 10:15:49 [INFO] [*.domain.com] acme: use dns-01 solver
Jun 25 10:15:49 nginx nginx-ui[387]: 2024-06-25 10:15:49        INFO        cert/logger.go:22        AutoCert 2024/06/25 10:15:49 [INFO] [domain.com] acme: Could not find solver for: tls-alpn-01
Jun 25 10:15:49 nginx nginx-ui[387]: 2024-06-25 10:15:49        INFO        cert/logger.go:22        AutoCert 2024/06/25 10:15:49 [INFO] [domain.com] acme: Could not find solver for: http-01
Jun 25 10:15:49 nginx nginx-ui[387]: 2024-06-25 10:15:49        INFO        cert/logger.go:22        AutoCert 2024/06/25 10:15:49 [INFO] [domain.com] acme: use dns-01 solver
Jun 25 10:15:49 nginx nginx-ui[387]: 2024-06-25 10:15:49        INFO        cert/logger.go:22        AutoCert 2024/06/25 10:15:49 [INFO] [*.domain.com] acme: Preparing to solve DNS-01
Jun 25 10:15:49 nginx nginx-ui[387]: 2024-06-25 10:15:49        INFO        cert/logger.go:22        AutoCert 2024/06/25 10:15:49 [INFO] Found CNAME entry for "_acme-challenge.domain.com.": "domain.com."
Jun 25 10:15:49 nginx nginx-ui[387]: 2024-06-25 10:15:49        INFO        cert/logger.go:22        AutoCert 2024/06/25 10:15:49 [INFO] [domain.com] acme: Preparing to solve DNS-01
Jun 25 10:15:49 nginx nginx-ui[387]: 2024-06-25 10:15:49        INFO        cert/logger.go:22        AutoCert 2024/06/25 10:15:49 [INFO] Found CNAME entry for "_acme-challenge.domain.com.": "domain.com."
Jun 25 10:15:49 nginx nginx-ui[387]: 2024-06-25 10:15:49        INFO        cert/logger.go:22        AutoCert 2024/06/25 10:15:49 [INFO] [*.domain.com] acme: Cleaning DNS-01 challenge
Jun 25 10:15:49 nginx nginx-ui[387]: 2024-06-25 10:15:49        INFO        cert/logger.go:22        AutoCert 2024/06/25 10:15:49 [INFO] Found CNAME entry for "_acme-challenge.domain.com.": "domain.com."
Jun 25 10:15:49 nginx nginx-ui[387]: 2024-06-25 10:15:49        INFO        cert/logger.go:22        AutoCert 2024/06/25 10:15:49 [WARN] [*.domain.com] acme: cleaning up failed: ovh: unknown record ID for 'domain.com.'
Jun 25 10:15:49 nginx nginx-ui[387]: 2024-06-25 10:15:49        INFO        cert/logger.go:22        AutoCert 2024/06/25 10:15:49 [INFO] [domain.com] acme: Cleaning DNS-01 challenge
Jun 25 10:15:49 nginx nginx-ui[387]: 2024-06-25 10:15:49        INFO        cert/logger.go:22        AutoCert 2024/06/25 10:15:49 [INFO] Found CNAME entry for "_acme-challenge.domain.com.": "domain.com."
Jun 25 10:15:49 nginx nginx-ui[387]: 2024-06-25 10:15:49        INFO        cert/logger.go:22        AutoCert 2024/06/25 10:15:49 [WARN] [domain.com] acme: cleaning up failed: ovh: unknown record ID for 'domain.com.'
Jun 25 10:15:49 nginx nginx-ui[387]: 2024-06-25 10:15:49        INFO        cert/logger.go:22        AutoCert 2024/06/25 10:15:49 [INFO] Deactivating auth: https://acme-v02.api.letsencrypt.org/acme/authz-v3/368566661287
Jun 25 10:15:49 nginx nginx-ui[387]: 2024-06-25 10:15:49        INFO        cert/logger.go:22        AutoCert 2024/06/25 10:15:49 [INFO] Deactivating auth: https://acme-v02.api.letsencrypt.org/acme/authz-v3/368566661297
Jun 25 10:15:50 nginx nginx-ui[387]: 2024-06-25 10:15:50        ERROR        cert/logger.go:30        AutoCert obtain certificate error: error: one or more domains had a problem:
Jun 25 10:15:50 nginx nginx-ui[387]: [*.domain.com] [*.domain.com] acme: error presenting token: ovh: no subdomain because the domain and the zone are identical: domain.com.
Jun 25 10:15:50 nginx nginx-ui[387]: [domain.com] [domain.com] acme: error presenting token: ovh: no subdomain because the domain and the zone are identical: domain.com.
Jun 25 10:15:50 nginx nginx-ui[387]: 2024-06-25 10:15:50        INFO        cert/logger.go:22        AutoCert 2024/06/25 10:15:50 [INFO] [Nginx UI] Reloading nginx
Jun 25 10:15:50 nginx nginx-ui[387]: [GIN] 2024/06/25 - 10:15:50 | 200 |  2.476734037s |      172.16.4.2 | GET      "/api/domain/*.domain.com/cert?token=ZXlKaGJHY2lPaUpJVXpJMU5pSXNJblI1Y1AKBklrcFhWQ0o5LmV5SnVZVzFsSWpvaWQyeGhaR05oSWl3aVpYaHdJam94TnpFNU16azJPRGs1ZlEuTzloazJuSXBMaHBzZHJvbVBVU1k0UmVMaXM5MG4xaGdPNDNLcV84TjZKTQ==/"
Jun 25 10:15:50 nginx nginx-ui[387]: 2024-06-25 10:15:50        INFO        cert/logger.go:22        AutoCert 2024/06/25 10:15:50 [INFO] [Nginx UI] Finished
Jun 25 10:15:50 nginx nginx-ui[387]: 2024-06-25 10:15:50        ERROR        certificate/issue.go:44        write tcp 127.0.0.1:9000->127.0.0.1:54706: use of closed network connection

For a test with standalone lego, I was using exactly same ovh credentials...

[0xJacky]

Hello @Green2Matter, I apologize for keeping you waiting for so long. I have just synchronized the lego configuration file and noticed that there are updates regarding ovh in lego. I have now released a new Nginx UI v2.0.0-beta.25. You can directly reinstall v2.0.0-beta.25 through the Online Update and restart Nginx UI, or reinstall using the script, then re-add the ovh DNS credentials. You should see new options like OVH_CLIENT_ID and OVH_CLIENT_SECRET.

Please ensure that the environment variables in the DNS Credentials you add are consistent with the environment variables you use when executing lego in the terminal.
I hope this resolves your issue.

[Green2Matter]

Hi @0xJacky, thanks for an update but I'm a bit confused.
I've been running Nginx UI v2.0.0-beta.25 for a weeks already. And ok, I reinstalled it and got new OAuth2 credentials option. But this has never been required to issue certificate. For example, acme.sh works without them perfectly.
I think all boils down to this error:

obtain certificate error: error: one or more domains had a problem: [*.domain.com] [*.domain.com] acme: error presenting token: ovh: no subdomain because the domain and the zone are identical: domain.com. [domain.com] [domain.com] acme: error presenting token: ovh: no subdomain because the domain and the zone are identical: domain.com.

Lego doesn't send command understandable for OVH servers...

[0xJacky]

Please try the following steps:
SSH into the server.

1. Stop the Nginx UI service:

   systemctl stop nginx-ui

2. Execute the following command:

   LEGO_DISABLE_CNAME_SUPPORT=true /usr/local/bin/nginx-ui -config /usr/local/etc/nginx-ui/app.ini

3. Do not close the SSH session. Meanwhile, access Nginx UI in your browser and attempt to request a certificate again using the DNS Challenge method.

See if you can successfully request the certificate this time.

[0xJacky]

Hi @Green2Matter, can you try this method? I think we're very close to the casue of the issue.

[Green2Matter]

Hi @Green2Matter, can you try this method? I think we're very close to the casue of the issue.

Hi @0xJacky!
Sorry for late reply, I couldn't test it earlier. Anyway, with this new variable enabled - it did work! See below log.
Will you publish new nginx-ui version?

Getting the certificate, please wait...

2024/07/24 10:45:28 [INFO] [Nginx UI] Preparing lego configurations

2024/07/24 10:45:28 [INFO] [Nginx UI] ACME User: System Initial User, Email: [email protected], CA Dir: https://acme-v02.api.letsencrypt.org/directory

2024/07/24 10:45:28 [INFO] [Nginx UI] Creating client facilitates communication with the CA server

2024/07/24 10:45:29 [INFO] [Nginx UI] Setting DNS01 challenge provider

2024/07/24 10:45:29 [INFO] [Nginx UI] Setting environment variables

2024/07/24 10:45:29 [INFO] [Nginx UI] Obtaining certificate

2024/07/24 10:45:29 [INFO] [*.domain.com, domain.com] acme: Obtaining bundled SAN certificate

2024/07/24 10:45:30 [INFO] [*.domain.com] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/381205023477

2024/07/24 10:45:30 [INFO] [domain.com] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/381204783487

2024/07/24 10:45:30 [INFO] [*.domain.com] acme: use dns-01 solver

2024/07/24 10:45:30 [INFO] [domain.com] acme: Could not find solver for: tls-alpn-01

2024/07/24 10:45:30 [INFO] [domain.com] acme: Could not find solver for: http-01

2024/07/24 10:45:30 [INFO] [domain.com] acme: use dns-01 solver

2024/07/24 10:45:30 [INFO] [*.domain.com] acme: Preparing to solve DNS-01

2024/07/24 10:45:30 [INFO] [domain.com] acme: Preparing to solve DNS-01

2024/07/24 10:45:31 [INFO] [*.domain.com] acme: Trying to solve DNS-01

2024/07/24 10:45:31 [INFO] [*.domain.com] acme: Checking DNS record propagation. [nameservers=1.1.1.1:53]

2024/07/24 10:45:33 [INFO] Wait for propagation [timeout: 1m0s, interval: 2s]

2024/07/24 10:45:37 [INFO] [*.domain.com] The server validated our request

2024/07/24 10:45:37 [INFO] [domain.com] acme: Trying to solve DNS-01

2024/07/24 10:45:37 [INFO] [domain.com] acme: Checking DNS record propagation. [nameservers=1.1.1.1:53]

2024/07/24 10:45:39 [INFO] Wait for propagation [timeout: 1m0s, interval: 2s]

2024/07/24 10:45:43 [INFO] [domain.com] The server validated our request

2024/07/24 10:45:43 [INFO] [*.domain.com] acme: Cleaning DNS-01 challenge

2024/07/24 10:45:44 [INFO] [domain.com] acme: Cleaning DNS-01 challenge

2024/07/24 10:45:44 [INFO] [*.domain.com, domain.com] acme: Validations succeeded; requesting certificates

2024/07/24 10:45:47 [INFO] [*.domain.com] Server responded with a certificate.

2024/07/24 10:45:47 [INFO] [Nginx UI] Writing certificate to disk

2024/07/24 10:45:47 [INFO] [Nginx UI] Writing certificate private key to disk

2024/07/24 10:45:47 [INFO] [Nginx UI] Reloading nginx

2024/07/24 10:45:47 [INFO] [Nginx UI] Finished

2024/07/24 10:45:49 [INFO] [Nginx UI] Environment variables cleaned

Issued certificate successfully

[0xJacky]

Great! I’ll add a switcher at an appropriate location for users to set LEGO_DISABLE_CNAME_SUPPORT. This will allow users who use CNAME domains and cannot issue certificates to try disabling LEGO’s CNAME support and obtain certificates correctly.

Reference: Traefik Community - Traefik cannot issue certificate for CNAME’d wildcard domain.

For now, you can exit nginx-ui, restart it using systemctl, and wait for the next version of the Nginx UI.