I followed this tutorial to create local certificates for my home server, but now it failed to renew automatically and I have no clue waht to do. Can anybody assist me in debugging, please? https://notthebe.ee/blog/easy-ssl-in-homelab-dns01/

I’m using duckdns.org, added mydomain.duckdns.org and the local IP of my home server. In Nginx-Proxy-Manager I have created the respective wildcard certificate. The log of my NPM container reports the following:

[3/10/2024] [1:55:50 PM] [SSL      ] › ℹ  info      Renewing Let'sEncrypt certificates via DuckDNS for Cert #6: *.mydomain.duckdns.org, mydomain.duckdns.org
[3/10/2024] [1:55:50 PM] [SSL      ] › ℹ  info      Command: certbot renew --force-renewal --config "/etc/letsencrypt.ini" --work-dir "/tmp/letsencrypt-lib" --logs-dir "/tmp/letsencrypt-log" --cert-name "npm-6" --disable-hook-validation --no-random-sleep-on-renew 
[3/10/2024] [1:55:50 PM] [Global   ] › ⬤  debug     CMD: certbot renew --force-renewal --config "/etc/letsencrypt.ini" --work-dir "/tmp/letsencrypt-lib" --logs-dir "/tmp/letsencrypt-log" --cert-name "npm-6" --disable-hook-validation --no-random-sleep-on-renew 
[3/10/2024] [1:55:53 PM] [Express  ] › ⚠  warning   Saving debug log to /tmp/letsencrypt-log/letsencrypt.log
Failed to renew certificate npm-6 with error: The DNS response does not contain an answer to the question: mydomain.duckdns.org. IN TXT
All renewals failed. The following certificates could not be renewed:
  /etc/letsencrypt/live/npm-6/fullchain.pem (failure)
1 renew failure(s), 0 parse failure(s)
  • @TechAdminEnglish
    18 months ago

    I had issues with DNS checks and traced it to my pihole. I changed that container’s resolv.conf to use cloudflare DNS and it has been working fine since. It was with Caddy so needed to change over to use IPs.

  • @[email protected]English
    08 months ago

    Have you looked at the debug log? Or even what you pasted? It tells you what it’s missing (though this part doesn’t go into the whys).