1. The problem I’m having:
- There is no problem with the DNS resolution of my domain name, and it can be resolved to my server correctly.
- Ports 80 and 443 are open and can be accessed from external networks.
- Caddy works fine when just HTTP is used in the Caddyfile:
{
	email chb123@gmail.com
}
:80
reverse_proxy localhost:9876
- After HTTPS is enabled, an error message is displayed, causing a certificate application failure.
2. Error messages and/or full log output:
Oct 09 02:11:35 Dev_Payment_111 caddy[18404]: {"level":"info","ts":1696817495.4480734,"logger":"tls","msg":"cleaning storage unit","description":"FileStorage:/var/lib/caddy/.local/share/caddy"}
Oct 09 02:11:35 Dev_Payment_111 caddy[18404]: {"level":"info","ts":1696817495.4481452,"logger":"tls","msg":"finished cleaning storage units"}
Oct 09 02:11:35 Dev_Payment_111 caddy[18404]: {"level":"info","ts":1696817495.4482486,"logger":"tls.obtain","msg":"acquiring lock","identifier":"www.ex-nofity.top"}
Oct 09 02:11:35 Dev_Payment_111 caddy[18404]: {"level":"info","ts":1696817495.4482882,"msg":"autosaved config (load with --resume flag)","file":"/var/lib/caddy/.config/caddy/autosave.json"}
Oct 09 02:11:35 Dev_Payment_111 caddy[18404]: {"level":"info","ts":1696817495.448325,"msg":"serving initial configuration"}
Oct 09 02:11:35 Dev_Payment_111 caddy[18404]: {"level":"info","ts":1696817495.4864845,"logger":"tls.obtain","msg":"lock acquired","identifier":"www.ex-nofity.top"}
Oct 09 02:11:35 Dev_Payment_111 caddy[18404]: {"level":"info","ts":1696817495.4866147,"logger":"tls.obtain","msg":"obtaining certificate","identifier":"www.ex-nofity.top"}
Oct 09 02:11:35 Dev_Payment_111 caddy[18404]: {"level":"info","ts":1696817495.4937303,"logger":"tls.issuance.acme","msg":"waiting on internal rate limiter","identifiers":["www.ex-nofity.top"],"ca":"https://acme-v02.api.letsencrypt.org/directory","account":"chb123@gmail.com"}
Oct 09 02:11:35 Dev_Payment_111 caddy[18404]: {"level":"info","ts":1696817495.493765,"logger":"tls.issuance.acme","msg":"done waiting on internal rate limiter","identifiers":["www.ex-nofity.top"],"ca":"https://acmev02.api.letsencrypt.org/directory","account":"chb123@gmail.com"}
Oct 09 02:11:37 Dev_Payment_111 caddy[18404]: {"level":"info","ts":1696817497.6288013,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"www.ex-nofity.top","challenge_type":"http01","ca":"https://acme-v02.api.letsencrypt.org/directory"}
Oct 09 02:11:49 Dev_Payment_111 caddy[18404]: {"level":"error","ts":1696817509.3985543,"logger":"tls.issuance.acme.acme_client","msg":"challenge failed","identifier":"www.ex-nofity.top","challenge_type":"http-01","problem":{"type":"urn:ietf:params:acme:error:connection","title":"","detail":"211.123.75.228: Fetching http://www.ex-nofity.top/.well-known/acme-challenge/Yf0M-T8e-dF0soOLQxBXwElnEMqkl02hJBNUVvsf_Lc: Timeout during connect (likely firewall problem)","instance":"","subproblems":[]}}
Oct 09 02:11:49 Dev_Payment_111 caddy[18404]: {"level":"error","ts":1696817509.3986027,"logger":"tls.issuance.acme.acme_client","msg":"validating authorization","identifier":"www.ex-nofity.top","problem":{"type":"urn:ietf:params:acme:error:connection","title":"","detail":"211.123.75.228: Fetching http://www.ex-nofity.top/.well-known/acme-challenge/Yf0M-T8e-dF0soOLQxBXwElnEMqkl02hJBNUVvsf_Lc: Timeout during connect (likely firewall problem)","instance ":"","subproblems":[]},"order":"https://acme-v02.api.letsencrypt.org/acme/order/1349812566/213802657336","attempt":1,"max_attempts":3}
Oct 09 02:11:51 Dev_Payment_111 caddy[18404]: {"level":"info","ts":1696817511.1904821,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"www.ex-nofity.top","challenge_type":"tls-alpn-01","ca":"https://acme-v02.api.letsencrypt.org/directory"}
Oct 09 02:12:02 Dev_Payment_111 caddy[18404]: {"level":"error","ts":1696817522.2106516,"logger":"tls.issuance.acme.acme_client","msg":"challenge failed","identifier":"www.ex-nofity.top","challenge_type":"tls-alpn-01","problem":{"type":"urn:ietf:params:acme:error:connection","title":"","detail":"211.123.75.228: Timeout during connect (likely firewall problem)","instance":"","subproblems":[]}}
Oct 09 02:12:02 Dev_Payment_111 caddy[18404]: {"level":"error","ts":1696817522.2107036,"logger":"tls.issuance.acme.acme_client","msg":"validating authorization","identifier":"www.ex-nofity.top","problem":{"type":"urn:ietf:params:acme:error:connection","title":"","detail":"211.123.75.228: Timeout during connect (likely firewall problem)","instance":"","subproblems":[]},"order":"https://acme-v02.api.letsencrypt.org/acme/order/1349812566/213802709246","a ttempt":2,"max_attempts":3}
Oct 09 02:12:02 Dev_Payment_111 caddy[18404]: {"level":"error","ts":1696817522.2107475,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"www.ex-nofity.top","issuer":"acme-v02.api.letsencrypt.org-directory","error":"HTTP 400 rn:ietf:params:acme:error:connection - 211.123.75.228: Timeout during connect (likely firewall problem)"}
Oct 09 02:12:02 Dev_Payment_111 caddy[18404]: {"level":"info","ts":1696817522.3516479,"logger":"tls.issuance.zerossl","msg":"waiting on internal rate limiter","identifiers":["www.ex-nofity.top"],"ca":"https://acme.zerossl.com/v2/DV90","account":"chb123@gmail.com"}
Oct 09 02:12:02 Dev_Payment_111 caddy[18404]: {"level":"info","ts":1696817522.351804,"logger":"tls.issuance.zerossl","msg":"done waiting on internal rat e limiter","identifiers":["www.ex-nofity.top"],"ca":"https://acme.zerossl.com/v2/DV90","account":"chb123@gmail.com"}
Oct 09 02:12:06 Dev_Payment_111 caddy[18404]: {"level":"info","ts":1696817526.396537,"logger":"tls.issuance.zerossl.acme_client","msg":"trying to solve challenge","identifier":"www.ex-nofity.top","challenge_type":"http-01","ca":"https://acme.zerossl.com/v2/DV90"}
Oct 09 02:12:20 Dev_Payment_111 caddy[18404]: {"level":"error","ts":1696817540.312028,"logger":"tls.issuance.zerossl.acme_client","msg":"challenge failed","identifier":"www.ex-nofity.top","challenge_type":"http-01","problem":{"type":"","title":"","detail":"","instance":"","subproblems":[]}}
Oct 09 02:12:20 Dev_Payment_111 caddy[18404]: {"level":"error","ts":1696817540.312073,"logger":"tls.issuance.zerossl.acme_client","msg":"validating authorization","identifier":"www.ex-nofity.top","problem":{"type":"","title":"","detail":"","instance":"","subproblems":[]},"order":"https://acme.zerossl.com/v2/DV90/order/GPCD7FAjoDQM8ZM5aQ41og","attempt":1,"max_attempts":3}
Oct 09 02:12:20 Dev_Payment_111 caddy[18404]: {"level":"error","ts":1696817540.312127,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"www.ex-nofity.top","issuer":"acme.zerossl.com-v2-DV90","error":"HTTP 0 - "}
Oct 09 02:12:20 Dev_Payment_111 caddy[18404]: {"level":"error","ts":1696817540.3121705,"logger":"tls.obtain","msg":"will retry","error":"[www.ex-nofity.top] Obtain: [www.ex-nofity.top] solving challenge: www.ex-nofity.top: [www.ex-nofity.top] authorization failed: HTTP 0 - (ca=https://acme.zerossl.com/v2/DV90)","attempt":1,"retrying_in":60,"elapsed":44.825670399,"max_duration":2592000}
3. Caddy version:
[developer@Dev_Payment_111 caddy]$ caddy version
v2.7.4 h1:J8nisjdOxnYHXlorUKXY75Gr6iBfudfoGhrJ8t7/flI=
[developer@Dev_Payment_111 caddy]$ whereis caddy
caddy: /usr/bin/caddy /etc/caddy /usr/share/caddy /usr/share/man/man8/caddy.8.gz
[developer@Dev_Payment_111 caddy]$ pwd
/usr/share/caddy
[developer@Dev_Payment_111 caddy]$ tree
.
└── index.html
0 directories, 1 file
4. How I installed and ran Caddy:
a. System environment:
CentOS 7
b. Command:
yum install yum-plugin-copr
yum copr enable @caddy/caddy
yum install caddy
c. Service/unit/compose file:
caddy.service by yum
d. My complete Caddy config:
{
email chb123@gmail.com
}
www.ex-notify.top:443
reverse_proxy localhost:9876
5. Links to relevant resources:
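An added example, not part of the original post and not Caddy's own tooling: a small Python triage script that pulls the "challenge failed" records out of journald-prefixed Caddy logs like the ones above, reports which address the CA tried to reach for each challenge type, and lists any requested identifier that does not match a configured site host. The sample lines are abridged from the log in the post (fields trimmed, the challenge token replaced by `TOKEN`); the function names are hypothetical.

```python
import json
import re

# Abridged from the log in the post: fields trimmed, challenge token replaced by TOKEN.
SAMPLE_LOG = """\
Oct 09 02:11:35 Dev_Payment_111 caddy[18404]: {"level":"info","logger":"tls.obtain","msg":"obtaining certificate","identifier":"www.ex-nofity.top"}
Oct 09 02:11:49 Dev_Payment_111 caddy[18404]: {"level":"error","logger":"tls.issuance.acme.acme_client","msg":"challenge failed","identifier":"www.ex-nofity.top","challenge_type":"http-01","problem":{"type":"urn:ietf:params:acme:error:connection","detail":"211.123.75.228: Fetching http://www.ex-nofity.top/.well-known/acme-challenge/TOKEN: Timeout during connect (likely firewall problem)"}}
Oct 09 02:12:02 Dev_Payment_111 caddy[18404]: {"level":"error","logger":"tls.issuance.acme.acme_client","msg":"challenge failed","identifier":"www.ex-nofity.top","challenge_type":"tls-alpn-01","problem":{"type":"urn:ietf:params:acme:error:connection","detail":"211.123.75.228: Timeout during connect (likely firewall problem)"}}
Oct 09 02:12:20 Dev_Payment_111 caddy[18404]: {"level":"error","logger":"tls.issuance.zerossl.acme_client","msg":"challenge failed","identifier":"www.ex-nofity.top","challenge_type":"http-01","problem":{"type":"","detail":""}}
"""

def parse_line(line):
    """Return the JSON payload of a journald-prefixed Caddy log line, or None."""
    start = line.find("{")
    if start < 0:
        return None
    try:
        return json.loads(line[start:])
    except json.JSONDecodeError:
        return None

def challenge_failures(log_text):
    """One summary dict per "challenge failed" record, in log order."""
    failures = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if not rec or rec.get("msg") != "challenge failed":
            continue
        problem = rec.get("problem") or {}
        # In the Let's Encrypt records the detail starts with the address it tried to reach.
        ip = re.match(r"(\d+\.\d+\.\d+\.\d+):", problem.get("detail", ""))
        logger = rec.get("logger", "").split(".")
        failures.append({
            "issuer": logger[2] if len(logger) > 2 else "unknown",
            "identifier": rec.get("identifier"),
            "challenge": rec.get("challenge_type"),
            "validated_ip": ip.group(1) if ip else None,
            "error": problem.get("type", "").rsplit(":", 1)[-1] or "unspecified",
        })
    return failures

def identifiers_not_in_config(failures, configured_hosts):
    """Identifiers the CA was asked to validate that match no configured site host."""
    return sorted({f["identifier"] for f in failures} - set(configured_hosts))

if __name__ == "__main__":
    found = challenge_failures(SAMPLE_LOG)
    for f in found:
        print(f)
    # Host taken from the site address in the post's Caddyfile.
    print(identifiers_not_in_config(found, ["www.ex-notify.top"]))
```

The `validated_ip` value is the address to compare against the server's public address and the firewall rules for ports 80 and 443.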