I have a Docker container running on localhost:80, and after a question on this forum, I realized I might need a proxy to give anyone the access to this container with HTTPS.
I installed Caddy on my server, created a Caddyfile with the following lines:
https://mydomain.com {
proxy / localhost:80
}
then ran caddy -conf Caddyfile, but nothing went as expected. I got the following output:
2019/07/03 21:27:34 [INFO] acme: Registering account for jlevarato@pm.me
2019/07/03 21:27:34 [INFO] [mydomain.com] acme: Obtaining bundled SAN certificate
2019/07/03 21:27:35 [INFO] [mydomain.com] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz/lHYfWDjwbm3_cOYeyzKhZRQyyhkZ0pztL08KU8s8L5M
2019/07/03 21:27:35 [INFO] [mydomain.com] acme: use tls-alpn-01 solver
2019/07/03 21:27:35 [INFO] [mydomain.com] acme: Trying to solve TLS-ALPN-01
2019/07/03 21:27:41 [INFO] Unable to deactivated authorizations: https://acme-v02.api.letsencrypt.org/acme/authz/lHYfWDjwbm3_cOYeyzKhZRQyyhkZ0pztL08KU8s8L5M
2019/07/03 21:27:42 [INFO] [mydomain.com] acme: Obtaining bundled SAN certificate
2019/07/03 21:27:42 [INFO] [mydomain.com] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz/j1k95v0--Iil8eZZIpnGCyqZGDT0cGI0iXx-mNfBeYc
2019/07/03 21:27:42 [INFO] [mydomain.com] acme: use tls-alpn-01 solver
2019/07/03 21:27:42 [INFO] [mydomain.com] acme: Trying to solve TLS-ALPN-01
2019/07/03 21:27:51 [INFO] Unable to deactivated authorizations: https://acme-v02.api.letsencrypt.org/acme/authz/j1k95v0--Iil8eZZIpnGCyqZGDT0cGI0iXx-mNfBeYc
2019/07/03 21:27:52 [INFO] [mydomain.com] acme: Obtaining bundled SAN certificate
2019/07/03 21:27:52 [INFO] [mydomain.com] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz/CfaabEOoNz9vorBhAr3xYmW709p47AlCp1ZN3BLj6m4
2019/07/03 21:27:52 [INFO] [mydomain.com] acme: use tls-alpn-01 solver
2019/07/03 21:27:52 [INFO] [mydomain.com] acme: Trying to solve TLS-ALPN-01
2019/07/03 21:27:53 [INFO] Unable to deactivated authorizations: https://acme-v02.api.letsencrypt.org/acme/authz/CfaabEOoNz9vorBhAr3xYmW709p47AlCp1ZN3BLj6m4
2019/07/03 21:27:54 [INFO] [mydomain.com] acme: Obtaining bundled SAN certificate
2019/07/03 21:27:55 [INFO] [mydomain.com] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz/CbNPKTzwiY-oN7IHF2gtC81yVVznaE0x37o63ycpaBw
2019/07/03 21:27:55 [INFO] [mydomain.com] acme: Could not find solver for: tls-alpn-01
2019/07/03 21:27:55 [INFO] [mydomain.com] acme: use http-01 solver
2019/07/03 21:27:55 [INFO] [mydomain.com] acme: Trying to solve HTTP-01
2019/07/03 21:28:00 [INFO] Unable to deactivated authorizations: https://acme-v02.api.letsencrypt.org/acme/authz/CbNPKTzwiY-oN7IHF2gtC81yVVznaE0x37o63ycpaBw
2019/07/03 21:28:01 [INFO] [mydomain.com] acme: Obtaining bundled SAN certificate
2019/07/03 21:28:02 [INFO] [mydomain.com] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz/S7OJRmCiBk9e8t1BINvho_cIaqcplHta__lOXrO8dMU
2019/07/03 21:28:02 [INFO] [mydomain.com] acme: Could not find solver for: tls-alpn-01
2019/07/03 21:28:02 [INFO] [mydomain.com] acme: use http-01 solver
2019/07/03 21:28:02 [INFO] [mydomain.com] acme: Trying to solve HTTP-01
2019/07/03 21:28:08 [INFO] Unable to deactivated authorizations: https://acme-v02.api.letsencrypt.org/acme/authz/S7OJRmCiBk9e8t1BINvho_cIaqcplHta__lOXrO8dMU
2019/07/03 21:28:09 [INFO] [mydomain.com] acme: Obtaining bundled SAN certificate
2019/07/03 21:28:11 failed to obtain certificate: acme: error: 429 :: POST :: https://acme-v02.api.letsencrypt.org/acme/new-order :: urn:ietf:params:acme:error:rateLimited :: Error creating new order :: too many failed authorizations recently: see Rate Limits - Let's Encrypt, url:
I don’t know where the problem comes from. When checking out the url given in the logs, I saw that Acme was trying to reach mydomain.com/.well-know/[some stuff] and got a 404 back. Around the last given links, I saw it received a 400 error without telling what was wrong.
Is my configuration wrong ? (I think I should add transparent to the proxy’s config) Or is the problem elsewhere?
Thank you in advance
(bonus question: is the flag -quietenough to run Caddy as a deamon?)