cPanel - unable to find SOA record

[chiragd]

Please take a look at the bug I filed on certbot-dns-cpanel (which I think nginx-proxy-manager uses).

Checklist

• Have you pulled and found the error with jc21/nginx-proxy-manager:latest docker image?
  • Yes
• Are you sure you're not using someone else's docker image?
  • Yes
• Have you searched for similar issues (both open and closed)?
  • Yes

Describe the bug

Creating an SSL cert via DNS challenge on a cPanel host fails. The domain is a subdomain e.g. sub.domain.uk ... if I try with domain.uk it works fine.

CommandError: Saving debug log to /tmp/letsencrypt-log/letsencrypt.log
Error adding TXT record: Unable to find SOA record.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /tmp/letsencrypt-log/letsencrypt.log or re-run Certbot with -v for more details.

    at /app/lib/utils.js:16:13
    at ChildProcess.exithandler (node:child_process:430:5)
    at ChildProcess.emit (node:events:519:28)
    at maybeClose (node:internal/child_process:1105:16)
    at ChildProcess._handle.onexit (node:internal/child_process:305:5)

Nginx Proxy Manager Version

To Reproduce
Steps to reproduce the behavior:

1. Go to SSL certs
2. Click on add
3. Fill in the details using sub.domain.uk and *.sub.domain.uk
4. Choose cPanel as DNS provider.
5. Select DNS challenge
6. Observe error as mentioned above.

Expected behavior
SSL cert should be issued successfully.

Operating System
Proxmox running debian, running the latest nginx proxy manager docker.

More logs:

2024-12-16 11:38:03,114:DEBUG:acme.client:Storing nonce: GJdccAF6WgNcqXG0vA7O4JvVL0hQFSHPzgQy7q3jle9C4xQgsQ4
2024-12-16 11:38:03,115:INFO:certbot._internal.auth_handler:Performing the following challenges:
2024-12-16 11:38:03,115:INFO:certbot._internal.auth_handler:dns-01 challenge for my.domain.uk
2024-12-16 11:38:03,115:INFO:certbot._internal.auth_handler:dns-01 challenge for my.domain.uk
2024-12-16 11:38:03,463:DEBUG:certbot_dns_cpanel.dns_cpanel:{'preevent': {'result': 1}, 'func': 'fetchzones', 'data': [{'statusmsg': 'Zones fetched', 'zones': [REDACTED], 'status': 1}]}
2024-12-16 11:38:04,837:DEBUG:certbot_dns_cpanel.dns_cpanel:{'func': 'fetchzone_records', 'apiversion': 2, 'event': {'result': 1}, 'preevent': {'result': 1}, 'data': [], 'postevent': {'result': 1}, 'module': 'ZoneEdit'}
2024-12-16 11:38:04,837:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
  File "/opt/certbot/bin/certbot", line 8, in <module>
    sys.exit(main())
             ^^^^^^
  File "/opt/certbot/lib/python3.11/site-packages/certbot/main.py", line 19, in main
    return internal_main.main(cli_args)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/main.py", line 1894, in main
    return config.func(config, plugins)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/main.py", line 1600, in certonly
    lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/main.py", line 143, in _get_and_save_cert
    lineage = le_client.obtain_and_enroll_certificate(domains, certname)
              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/client.py", line 517, in obtain_and_enroll_certificate
    cert, chain, key, _ = self.obtain_certificate(domains)
                          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/client.py", line 428, in obtain_certificate
    orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/client.py", line 496, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/auth_handler.py", line 88, in handle_authorizations
    resps = self.auth.perform(achalls)
            ^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/certbot/lib/python3.11/site-packages/certbot/plugins/dns_common.py", line 76, in perform
    self._perform(domain, validation_domain_name, validation)
  File "/opt/certbot/lib/python3.11/site-packages/certbot_dns_cpanel/dns_cpanel.py", line 58, in _perform
    self._get_cpanel_client().add_txt_record(validation_domain_name, validation)
  File "/opt/certbot/lib/python3.11/site-packages/certbot_dns_cpanel/dns_cpanel.py", line 112, in add_txt_record
    raise errors.PluginError("Error adding TXT record: %s" % response_data['data'][0]['result']['statusmsg'])
certbot.errors.PluginError: Error adding TXT record: Unable to find SOA record.
2024-12-16 11:38:04,839:ERROR:certbot._internal.log:Error adding TXT record: Unable to find SOA record.
My web server is (include version): NA

Running cPanel with generic host. When logging into cPanel no SOA records are shown. The host says they are only shown in WHM, not cpanel.

Running cPanel 120.0.22