Caddy kubernetes hitting rate limits before domain change

(Read this, then delete it before you post.) To get the best help possible, please:

  • explain what you are trying to do,
    Run django-cookiecutter repository on kubernetes in GCP

  • show what you have already tried,
    using kompose convert docker-compose to kubernetes yaml. I was using tls self-signed in Caddyfile, but this is hitting rate limits.

www.{$DOMAIN_NAME} {
    redir https://wedding.banch.io
}

{$DOMAIN_NAME} {
    proxy / django:5000 {
        header_upstream Host {host}
        header_upstream X-Real-IP {remote}
        header_upstream X-Forwarded-Proto {scheme}
    }
    tls self_signed

    log stdout
    errors stdout
    gzip
}

  • include error messages and log output,
    Activating privacy features…2018/02/21 23:58:32 [INFO][www.wedding.banch.io] acme: Obtaining bundled SAN certificate
    2018/02/21 23:58:33 [www.wedding.banch.io] failed to get certificate: acme: Error 429 - urn:acme:error:rateLimited - Error creating new authz :: too many failed authorizations recently: see Rate Limits - Let's Encrypt

  • and link to any relevant resources.
    I would like to use test certificates to test initial releases and manually update the domain ip. I don’t have time prior to hitting the rate limits.


Hi @redward,

Too many failed authorizations implies that the DNS for www.wedding.banch.io doesn’t point to your Caddy server when you’re starting it up. If it’s not possible to have A records set, you could use DNS validation (see: Automatic HTTPS — Caddy Documentation). If that’s not possible either, you won’t be able to start Caddy with Automatic HTTPS enabled - you’ll have to turn that off (by supplying your own certificates, turning TLS off, or specifying HTTP / port 80) or use self-signed certs.

You could use the LetsEncrypt Staging Environment (see: Staging Environment - Let's Encrypt) to trial run the certificate requisition process, but that’s still subject to the requirements above (either A records must be set to an IP that Caddy is listening on, or DNS validation must be used).
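An added example, not part of the original posts: in the Caddyfile from the question, `tls self_signed` appears only in the `{$DOMAIN_NAME}` block, while the ACME error in the log is for the `www.` name. The sketch below is a pre-start check that lists site blocks which would still request a certificate, using the opt-outs named in the reply above (own certificates, TLS off, HTTP / port 80, self-signed). The function names and the simplified Caddyfile parser are assumptions made for this example, not Caddy's own code.

```python
import re

# Constructed sample: the Caddyfile from the question, abridged.
CADDYFILE = """\
www.{$DOMAIN_NAME} {
    redir https://wedding.banch.io
}
{$DOMAIN_NAME} {
    proxy / django:5000 {
        header_upstream Host {host}
    }
    tls self_signed
}
"""

def site_blocks(text):
    """Yield (addresses, top-level directives) per site block (simplified)."""
    # Assumes 'addr [addr ...] {' on one line and each '}' on its own line.
    depth, addrs, body = 0, None, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if depth == 0 and line.endswith("{"):
            addrs, body = re.split(r"[,\s]+", line[:-1].strip()), []
        elif depth == 1 and line != "}":
            body.append(line.rstrip("{").split())
        depth += line.endswith("{") - (line == "}")
        if depth == 0 and addrs:
            yield addrs, body
            addrs = None

def opts_out(addr, body):
    """True if the site avoids ACME by a route named in the reply above."""
    if addr.startswith("http://") or addr.endswith(":80"):
        return True  # plain HTTP / port 80
    for parts in body:
        if len(parts) > 1 and parts[0] == "tls":
            # self-signed, TLS off, or an operator-supplied cert + key pair
            if parts[1] in ("self_signed", "off") or len(parts) == 3:
                return True
    return False

def acme_sites(text):
    """Site addresses that would still request a certificate at startup."""
    return [a for addrs, body in site_blocks(text)
            for a in addrs if not opts_out(a, body)]

if __name__ == "__main__":
    print(acme_sites(CADDYFILE))
```

Running a check like this in CI or a container entrypoint before Caddy starts keeps a test deployment from spending failed-authorization attempts on names whose DNS is not pointed at the server yet.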
