1. Caddy version (caddy version
):
v2.1.1 h1:X9k1+ehZPYYrSqBvf/ocUgdLSRIuiNiMo7CvyGUQKeA=
2. How I run Caddy:
Testing v2 because of major failure to renew Let’s Encrypt domain names in v1… Doing run caddy
in the directory with the Caddyfile.
a. System environment:
Ubuntu 16.04 LTS
b. Command:
./caddy run
d. My complete Caddyfile or JSON config:
(log) {
tls peter@passchier.net
encode gzip
log
}
(php) {
import log
php_fastcgi / /var/run/php/php7.0-fpm.sock php
}
passchier.net {
import php
root * /var/ww/site/
}
3. The problem I’m having:
ACME authentication/renewal problems.
4. Error messages and/or full log output:
2020/07/28 18:49:10.197 INFO using adjacent Caddyfile
2020/07/28 18:49:10.203 INFO admin admin endpoint started {"address": "tcp
/localhost:2019", "enforce_origin": false, "origins": ["[::1]:2019", "127.0.0.1:
2019", "localhost:2019"]}
2020/07/28 18:49:10.204 INFO http server is listening only on the HTTPS po
rt but has no TLS connection policies; adding one to enable TLS {"server_name":
"srv0", "https_port": 443}
2020/07/28 18:49:10.205 INFO http enabling automatic HTTP->HTTPS redirects
{"server_name": "srv0"}
2020/07/28 18:49:10.209 INFO tls cleaned up storage units
2020/07/28 18:49:10.209 INFO http enabling automatic TLS certificate manag
ement {"domains": ["passchier.net"]}
2020/07/28 18:49:10.210 INFO autosaved config {"file": "/root/.config/
caddy/autosave.json"}
2020/07/28 18:49:10.210 INFO serving initial configuration
2020/07/28 20:49:10 [INFO][passchier.net] Obtain certificate; acquiring lock...
2020/07/28 20:49:10 [INFO][passchier.net] Obtain: Lock acquired; proceeding...
2020/07/28 20:49:10 [INFO][cache:0xc000070f60] Started certificate maintenance r
outine
2020/07/28 20:49:10 [INFO][passchier.net] Waiting on rate limiter...
2020/07/28 20:49:10 [INFO][passchier.net] Done waiting
2020/07/28 20:49:10 [INFO] [passchier.net] acme: Obtaining bundled SAN certifica
te given a CSR
2020/07/28 20:49:11 [INFO] [passchier.net] AuthURL: https://acme-v02.api.letsenc
rypt.org/acme/authz-v3/6170245089
2020/07/28 20:49:11 [INFO] [passchier.net] acme: Could not find solver for: tls-
alpn-01
2020/07/28 20:49:11 [INFO] [passchier.net] acme: use http-01 solver
2020/07/28 20:49:11 [INFO] [passchier.net] acme: Trying to solve HTTP-01
2020/07/28 20:49:15 http: TLS handshake error from 128.199.187.77:45272: no cert
ificate available for 'passchier.net'
2020/07/28 20:49:18 [INFO] Deactivating auth: https://acme-v02.api.letsencrypt.o
rg/acme/authz-v3/6170245089
2020/07/28 20:49:19 [INFO] Unable to deactivate the authorization: https://acme-
v02.api.letsencrypt.org/acme/authz-v3/6170245089
2020/07/28 20:49:19 [ERROR] error: one or more domains had a problem:
[passchier.net] acme: error: 403 :: urn:ietf:params:acme:error:unauthorized :: I
nvalid response from http://passchier.net/.well-known/acme-challenge/DJik0wFRwHG
e3zUJ_BvwoIWqD68XjrGHk6ZtDOd6_uc [2a01:4f8:10a:396f::]: "<!DOCTYPE html>\n<html
style=\"height:100%\">\n<head>\n<meta name=\"viewport\" content=\"width=device-w
idth, initial-scale=1, shrink-to-", url:
(challenge=http-01 remaining=[tls-alpn-01])
2020/07/28 20:49:21 [INFO] [passchier.net] acme: Obtaining bundled SAN certifica
te given a CSR
2020/07/28 20:49:21 [ERROR] acme: error: 429 :: POST :: https://acme-v02.api.let
sencrypt.org/acme/new-order :: urn:ietf:params:acme:error:rateLimited :: Error c
reating new order :: too many failed authorizations recently: see https://letsen
crypt.org/docs/rate-limits/, url: (challenge=tls-alpn-01 remaining=[])
2020/07/28 20:49:23 [ERROR] attempt 1: [passchier.net] Obtain: [passchier.net] a
cme: error: 429 :: POST :: https://acme-v02.api.letsencrypt.org/acme/new-order :
: urn:ietf:params:acme:error:rateLimited :: Error creating new order :: too many
failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/,
url: - retrying in 1m0s (13.15329274s/720h0m0s elapsed)...
2020/07/28 20:49:24 http: TLS handshake error from 45.76.120.140:44538: no certi
ficate available for 'passchier.net'
^C2020/07/28 18:49:44.639 INFO shutting down {"signal": "SIGINT"}
2020/07/28 20:49:44 [INFO][cache:0xc000070f60] Stopped certificate maintenance r
outine
2020/07/28 18:49:44.640 INFO admin stopped previous server
2020/07/28 18:49:44.640 INFO shutdown done {"signal": "SIGINT"}
5. What I already tried:
After many years of v1 now many sites are down, so might as well try v2 at this point…