Page tree

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


Because nginx-proxy and the companion container use separate environment variables, you can use a traditionally signed certificate for some hosts (see previous section) and letsencrypt certificates for others.  For example, you might use a wildcard certificate for "*" hosts and a letsencrypt certificate for a district's "vanity domain" ( and


Issues with LetsEncrypt

ACMEv1/ACMEv2 error

LetsEncrypt no longer supports ACMEv1 for certificate management. If your site stops automatically renewing/generating certificates, this may appear in the logs:

Code Block
docker-compose logs --tail=50 le
le_1 | 2020-01-09 11:48:43,395:INFO:simp_le:1382: Generating new account key
le_1 | ACME server returned an error: urn:acme:error:unauthorized :: The client lacks sufficient authorization ::
Account creation on ACMEv1 is disabled. Please upgrade your ACME client to a version that supports ACMEv2 / RFC 8555.
See for details.

To resolve this, make sure you have the latest jrcs/lets encrypt-nginx-proxy-companion image if/when you update the jwilder/nginx-proxy alpine image.  See


We recommend making adjustments to the timeout configuration.