Caddy Retry error

Caddy v2 b20

Hello, is this something I need to be concerned about?

2020/03/26 14:49:04 [INFO][matrixebiz.cc] Renew: 651h47m56.4735775s remaining
2020/03/26 14:49:04 [INFO] [matrixebiz.cc] acme: Obtaining bundled SAN certificate given a CSR
2020/03/26 14:49:04 [INFO] [matrixebiz.cc] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/45675845
2020/03/26 14:49:04 [INFO] [matrixebiz.cc] acme: use tls-alpn-01 solver
2020/03/26 14:49:04 [INFO] [matrixebiz.cc] acme: Trying to solve TLS-ALPN-01
2020/03/26 14:49:05 [INFO] Deactivating auth: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/45675845
2020/03/26 14:49:05 [ERROR] acme: Error → One or more domains had a problem:
[matrixebiz.cc] [matrixebiz.cc] acme: error presenting token: presenting with embedded provider: could not start listener for TLS-ALPN challenge server: listen tcp :443: bind: Only one usage of each socket address (protocol/network address/port) is normally permitted.
(challenge=tls-alpn-01 remaining=[http-01])
2020/03/26 14:49:07 [INFO] [matrixebiz.cc] acme: Obtaining bundled SAN certificate given a CSR
2020/03/26 14:49:08 [INFO] [matrixebiz.cc] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/45675851
2020/03/26 14:49:08 [INFO] [matrixebiz.cc] acme: Could not find solver for: tls-alpn-01
2020/03/26 14:49:08 [INFO] [matrixebiz.cc] acme: use http-01 solver
2020/03/26 14:49:08 [INFO] [matrixebiz.cc] acme: Trying to solve HTTP-01
2020/03/26 14:49:08 [INFO] Deactivating auth: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/45675851
2020/03/26 14:49:08 [ERROR] acme: Error → One or more domains had a problem:
[matrixebiz.cc] [matrixebiz.cc] acme: error presenting token: presenting with embedded provider: could not start listener for HTTP challenge server: listen tcp :80: bind: Only one usage of each socket address (protocol/network address/port) is normally permitted.
(challenge=http-01 remaining=[])
2020/03/26 14:49:10 [ERROR] attempt 3: [matrixebiz.cc] Renew: [matrixebiz.cc] acme: Error → One or more domains had a problem:
[matrixebiz.cc] [matrixebiz.cc] acme: error presenting token: presenting with embedded provider: could not start listener for HTTP challenge server: listen tcp :80: bind: Only one usage of each socket address (protocol/network address/port) is normally permitted.

  • retrying in 2m0s (3m21.4481134s/720h0m0s elapsed)…

Hm, this is Windows right?

That’s odd. What happens is CertMagic tries to bind the socket to solve the challenge, and if it fails, it checks (“dials”) to see if the socket is in use by connecting to it. If that succeeds, then we know that Caddy is already listening on that port, and we can continue without error. But if that dial fails too, then there’s not much we can do, since we can’t bind the socket but we can’t connect to it either!

The error being logged originates from the first attempt to bind to the socket.

It’s curious why Windows is reporting that it can’t bind the socket (because “only one usage is normally permitted”) AND that the socket is, in fact, not in use at the same time (i.e. Caddy was unable to connect to it)! It’s a contradiction.

Windows bug?

If it keeps happening for more than a few minutes, then it’s something we should look into, but… I dunno what to do about this one.

Edit: I suppose we could, on Windows, just not even do the “is socket already in use” check and assume that if we can’t bind the socket, then whatever has bound the socket (Caddy’s HTTP server, usually) can solve the challenge for us and continue without error… of course, this could hide actual problems if there are any… so maybe we just log the error as information instead…

Hi, yes, this is on Windows. Caddy v2b15 started crashing this afternoon, but I don’t have the error log, so I installed b20 and it started working again, but with this new error as above, which is still happening.
Possibly just a Windows server reboot is necessary? I’ll try that on the weekend and see what happens. This is what the window is still saying:
[matrixebiz.cc] [matrixebiz.cc] acme: error presenting token: presenting with embedded provider: could not start listener for TLS-ALPN challenge server: listen tcp :443: bind: Only one usage of each socket address (protocol/network address/port) is normally permitted.

  • retrying in 3h0m0s (3h1m8.5526135s/720h0m0s elapsed)…
2020/03/26 17:55:48 [INFO] [matrixebiz.cc] Maintenance routine: certificate expires in 648h41m12.5418208s; queueing for renewal
2020/03/26 17:55:51 http: TLS handshake error from 111.202.103.145:61265: no certificate available for ‘elol.com
2020/03/26 18:04:57 http: TLS handshake error from 185.202.2.57:1900: tls: first record does not look like a TLS handshake
2020/03/26 18:05:48 [INFO] [matrixebiz.cc] Maintenance routine: certificate expires in 648h31m12.5407624s; queueing for renewal
2020/03/26 18:15:48 [INFO] [matrixebiz.cc] Maintenance routine: certificate expires in 648h21m12.5405147s; queueing for renewal
2020/03/26 18:15:51 http: TLS handshake error from 111.202.103.145:46629: no certificate available for ‘elol.com
2020/03/26 18:25:48 [INFO] [matrixebiz.cc] Maintenance routine: certificate expires in 648h11m12.5422237s; queueing for renewal

Welp. That’s unfortunate. Silly Windows…

I’ve pushed “Workaround apparent contradiction in Windows” (caddyserver/certmagic@ca857ff on GitHub), which will go out with the release candidate. Note that it doesn’t fix the problem, but it logs the problem instead of returning an error. All we can do is hope that the socket is already in use by Caddy which is able to solve the challenge…
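As an added illustration (this is not code from Caddy or CertMagic; the real change is in the commit linked above), here is the bind-then-dial check described earlier in the thread together with the Windows workaround from the last post, written in Go. The names `probe`, `claimPort`, `challengeListener` and the `Outcome` values are assumptions made for this example; the `probe` struct exists only so the "can't bind and can't connect" contradiction can be simulated without a real Windows socket. The main function uses a constructed loopback port rather than :80 or :443.

```go
package main

import (
	"fmt"
	"log"
	"net"
	"runtime"
	"time"
)

// Outcome of trying to claim a challenge port (names are assumptions for this example).
type Outcome int

const (
	Bound         Outcome = iota // we hold the listener and solve the challenge ourselves
	AlreadyInUse                 // bind failed but something answers: assumed to be Caddy's own server
	Contradiction                // bind failed AND nothing answers: the case seen in the thread
)

func (o Outcome) String() string {
	return [...]string{"Bound", "AlreadyInUse", "Contradiction"}[o]
}

// probe holds the listen and dial functions so the contradiction can be simulated in tests.
type probe struct {
	listen func(network, addr string) (net.Listener, error)
	dial   func(network, addr string, timeout time.Duration) (net.Conn, error)
}

func defaultProbe() probe { return probe{listen: net.Listen, dial: net.DialTimeout} }

// claimPort mirrors the check described in the thread: bind first; if that fails, dial
// the same address to see whether an existing listener is there to solve the challenge.
// When the outcome is Bound, the caller owns the returned listener and must close it.
func (p probe) claimPort(addr string) (net.Listener, Outcome, error) {
	ln, bindErr := p.listen("tcp", addr)
	if bindErr == nil {
		return ln, Bound, nil
	}
	conn, dialErr := p.dial("tcp", addr, 500*time.Millisecond)
	if dialErr == nil {
		conn.Close()
		return nil, AlreadyInUse, nil
	}
	return nil, Contradiction, fmt.Errorf("could not bind %s (%v) and could not connect to it either (%v)", addr, bindErr, dialErr)
}

// challengeListener applies the workaround from the end of the thread: on Windows a
// contradiction is logged rather than returned as an error, on the assumption that the
// socket really is held by Caddy's own server. On other platforms it stays an error,
// so a genuine problem is not hidden.
func challengeListener(p probe, addr, goos string, logf func(string, ...interface{})) (net.Listener, Outcome, error) {
	ln, outcome, err := p.claimPort(addr)
	if outcome == Contradiction && goos == "windows" {
		logf("[INFO] %v; assuming the port is held by our own server", err)
		return nil, outcome, nil
	}
	return ln, outcome, err
}

func main() {
	// Constructed demo: claim a free loopback port, then try the same port again.
	ln, outcome, err := challengeListener(defaultProbe(), "127.0.0.1:0", runtime.GOOS, log.Printf)
	if err != nil {
		log.Fatal(err)
	}
	defer ln.Close()
	fmt.Println("first attempt:", outcome) // Bound
	_, outcome, err = challengeListener(defaultProbe(), ln.Addr().String(), runtime.GOOS, log.Printf)
	fmt.Println("second attempt:", outcome, err) // AlreadyInUse <nil>
}
```

The second attempt in the demo is the healthy case from the thread: the bind fails because the first listener already holds the port, the dial succeeds, and the check concludes that whoever owns the port (normally Caddy's HTTP server) can answer the challenge. The Windows branch is the trade-off discussed above: it stops the renewal loop from erroring, but a port held by some other process would now only show up as an INFO line, so that log line is worth watching.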
