nginx-proxy-manager icon indicating copy to clipboard operation
nginx-proxy-manager copied to clipboard
Published 2 months ago verified publisher icon NginxProxyManager

how to delete old domains already deleted that do not appear in the web interface

Open njavilas opened this issue 4 years ago • 13 comments

Hello how to delete old domains ?

Failed to renew certificate npm-2 with error: Some challenges have failed. proxy_v6 | All renewals failed. The following certificates could not be renewed: proxy_v6 | /etc/letsencrypt/live/npm-1/fullchain.pem (failure) proxy_v6 | /etc/letsencrypt/live/npm-10/fullchain.pem (failure) proxy_v6 | /etc/letsencrypt/live/npm-11/fullchain.pem (failure) proxy_v6 | /etc/letsencrypt/live/npm-12/fullchain.pem (failure) proxy_v6 | /etc/letsencrypt/live/npm-13/fullchain.pem (failure) proxy_v6 | /etc/letsencrypt/live/npm-2/fullchain.pem (failure) proxy_v6 | 6 renew failure(s), 0 parse failure(s)

at ChildProcess.exithandler (node:child_process:326:12) proxy_v6 | at ChildProcess.emit (node:events:369:20) proxy_v6 | at maybeClose (node:internal/child_process:1067:16) proxy_v6 | at Process.ChildProcess._handle.onexit (node:internal/child_process:301:5) proxy_v6 | QueryBuilder#allowEager method is deprecated. You should use allowGraph instead. allowEager method will be removed in 3.0 proxy_v6 | `QueryBuilder

njavilas avatar Jun 07 '21 18:06 njavilas

I've been having this issue as well, none of my certs are renewing because it's failing on old domains that aren't in the UI anymore

RobinVanCauter avatar Jun 08 '21 19:06 RobinVanCauter

Do you remember how you deleted these certificates? Did some error occur?

The other certs should be fine, just the expiry date in date in the ui does not update if one of the certificates failed to renew.

Unfortunately I can't think of a different fix than to just delete the certificates from certbot which are still there but shouldn't.

chaptergy avatar Jun 08 '21 21:06 chaptergy

if they are domains removed from the interface

njavilas avatar Jun 17 '21 18:06 njavilas

I am having same issue: no errors observed in GUI when deleting a cert, but cert remains and the cert doesn't show up in the GUI at all. npm-9.conf is the errant cert below:

bash-5.0# ls -lth
total 28K    
-rw-r--r--    1 app      app          551 Oct 28 17:21 npm-19.conf
-rw-r--r--    1 app      app          610 Oct 28 16:31 npm-16.conf
-rw-r--r--    1 app      app          610 Oct 28 16:30 npm-18.conf
-rw-r--r--    1 app      app          605 Oct 28 16:28 npm-7.conf
-rw-r--r--    1 app      app          610 Oct 28 16:28 npm-17.conf
-rw-r--r--    1 app      app          605 Oct 28 16:27 npm-3.conf
-rw-r--r--    1 app      app          614 May 28 11:12 npm-9.conf
bash-5.0# pwd
/data/letsencrypt/renewal
bash-5.0#

I've pulled the latest image w/no avail. At the least some rudimentary logic on startup to validate the certs NPM things it should have are all it should have.

fiveangle avatar Oct 29 '21 01:10 fiveangle

Anyone got a solution to clean up certificates which were deleted from the GUI but are still renewed and stored?

davhae avatar Oct 11 '22 13:10 davhae

Workaround preventing NPM renewing certs which are not visible in GUI but on filesystem:

rm /<path-to-nginx-proxy-manager>/letsencrypt/renewal/npm-201.conf
rm -rf /<path-to-nginx-proxy-manager>/letsencrypt/live/npm-201/

davhae avatar Nov 22 '22 10:11 davhae

Issue is now considered stale. If you want to keep it open, please comment :+1:

github-actions[bot] avatar Mar 10 '24 01:03 github-actions[bot]

I've got a ton of these as well; I have never found a guide or other ad hoc instructions on how to properly kill off certs for deleted proxy hosts/domains. I would be forever indebted to whomever can point me to this information if it exists.

I have no idea how to deal with certbot directly in this context, or at all really. Welcome all constructive comments/information. Thanks and have a great day!

p.s. Apologies for resurrecting an old thread; figured it was better than creating a new one.

mrfuntime avatar Jun 29 '24 17:06 mrfuntime

I kinda managed to solve the issue setting manually to 0 the column is_deleted of all deleted proxy hosts in table certificate. this prevent the bot to keep trying on renewing deleted hosts (or at list it seems to)

it looks like when deleting a proxy host, the relevant row of the table certificate isnt updated properly

nik2208 avatar Aug 27 '24 02:08 nik2208

I had the same issue of a dangling unused expired ssl certificate not shown in the NPM gui that was causing errors in the log. I followed these instructions to delete the certificate through certbot: https://serverfault.com/questions/896711/how-to-totally-remove-a-certbot-created-ssl-certificate

List certificates managed by certbot to identify the name of the one to delete:

sudo certbot certificates

Delete the certificate by name, in my case npm-5:

sudo certbot delete --cert-name npm-5

jm-deltaxp avatar Feb 14 '25 14:02 jm-deltaxp

Delete the certificate by name, in my case npm-5:

sudo certbot delete --cert-name npm-5

Now this causes:

Renewing Let'sEncrypt certificates for Cert #3: loremipsum.duckdns.org
...
nginx-proxy-manager  | No certificate found with name npm-3 (expected /etc/letsencrypt/renewal/npm-3.conf).

mathieu-clement avatar May 05 '25 16:05 mathieu-clement

What worked for me is deleting from the certificate table.

mathieu-clement avatar May 05 '25 16:05 mathieu-clement

Issue is now considered stale. If you want to keep it open, please comment :+1:

github-actions[bot] avatar Nov 10 '25 02:11 github-actions[bot]