Can not get certificate from issuer

1. Output of caddy version:

v2.6.2 h1:wKoFIxpmOJLGl3QXoo6PNbYvGW4xLEgo32GPBEjWL8o=

2. How I run Caddy:

systemctl start caddy

a. System environment:

ubuntu 20.04

b. Command:


c. Service/unit/compose file:


d. My complete Caddy config:


{
	auto_https disable_redirects
}

t1.mapchang.com, http://t1.mapchang.com {
	respond "Hello"
}

3. The problem I’m having:

Caddy cannot get a certificate.

4. Error messages and/or full log output:

Oct 31 13:24:58 ecs-99f5 caddy[301444]: {"level":"info","ts":1667193898.4252777,"logger":"tls.obtain","msg":"obtaining certificate","identifier":"t1.mapchang.com"}
Oct 31 13:24:59 ecs-99f5 caddy[301444]: {"level":"info","ts":1667193899.605512,"logger":"http.acme_client","msg":"authorization finalized","identifier":"t1.mapchang.com","authz_status":"valid"}
Oct 31 13:24:59 ecs-99f5 caddy[301444]: {"level":"info","ts":1667193899.6055603,"logger":"http.acme_client","msg":"validations succeeded; finalizing order","order":"https://acme-staging-v02.api.letsencrypt.org/acme/order/73992484/4880026734"}
Oct 31 13:25:00 ecs-99f5 caddy[301444]: {"level":"info","ts":1667193900.225686,"logger":"http.acme_client","msg":"successfully downloaded available certificate chains","count":1,"first_url":"https://acme-staging-v02.api.letsencrypt.org/acme/cert/fa7a20db80ca626fc8e7e7079a74a72d7541"}
Oct 31 13:25:00 ecs-99f5 caddy[301444]: {"level":"info","ts":1667193900.2259257,"logger":"http","msg":"waiting on internal rate limiter","identifiers":["t1.mapchang.com"],"ca":"https://acme-v02.api.letsencrypt.org/directory","account":"caddy@zerossl.com"}
Oct 31 13:25:00 ecs-99f5 caddy[301444]: {"level":"info","ts":1667193900.2259548,"logger":"http","msg":"done waiting on internal rate limiter","identifiers":["t1.mapchang.com"],"ca":"https://acme-v02.api.letsencrypt.org/directory","account":"caddy@zerossl.com"}
Oct 31 13:25:00 ecs-99f5 caddy[301444]: {"level":"error","ts":1667193900.5863273,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"t1.mapchang.com","issuer":"acme-v02.api.letsencrypt.org-directory","error":"HTTP 400 urn:ietf:params:acme:error:malformed - JWS verification error"}
Oct 31 13:25:00 ecs-99f5 caddy[301444]: {"level":"error","ts":1667193900.823853,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"t1.mapchang.com","issuer":"acme.zerossl.com-v2-DV90","error":"[t1.mapchang.com] creating new order: fetching new nonce from server: HTTP 500:  (ca=https://acme.zerossl.com/v2/DV90)"}
Oct 31 13:25:00 ecs-99f5 caddy[301444]: {"level":"error","ts":1667193900.8239145,"logger":"tls.obtain","msg":"will retry","error":"[t1.mapchang.com] Obtain: [t1.mapchang.com] creating new order: fetching new nonce from server: HTTP 500:  (ca=https://acme.zerossl.com/v2/DV90)","attempt":2,"retrying_in":120,"elapsed":64.697135735,"max_duration":2592000}
Oct 31 13:27:00 ecs-99f5 caddy[301444]: {"level":"info","ts":1667194020.8284676,"logger":"tls.obtain","msg":"obtaining certificate","identifier":"t1.mapchang.com"}
Oct 31 13:27:01 ecs-99f5 caddy[301444]: {"level":"info","ts":1667194021.375873,"logger":"http.acme_client","msg":"authorization finalized","identifier":"t1.mapchang.com","authz_status":"valid"}
Oct 31 13:27:01 ecs-99f5 caddy[301444]: {"level":"info","ts":1667194021.375915,"logger":"http.acme_client","msg":"validations succeeded; finalizing order","order":"https://acme-staging-v02.api.letsencrypt.org/acme/order/73992484/4880053794"}
Oct 31 13:27:02 ecs-99f5 caddy[301444]: {"level":"info","ts":1667194022.3875184,"logger":"http.acme_client","msg":"successfully downloaded available certificate chains","count":1,"first_url":"https://acme-staging-v02.api.letsencrypt.org/acme/cert/fa8b660fe822c8ff2b47e2f91642645fa668"}
Oct 31 13:27:02 ecs-99f5 caddy[301444]: {"level":"info","ts":1667194022.38779,"logger":"http","msg":"waiting on internal rate limiter","identifiers":["t1.mapchang.com"],"ca":"https://acme-v02.api.letsencrypt.org/directory","account":"caddy@zerossl.com"}
Oct 31 13:27:02 ecs-99f5 caddy[301444]: {"level":"info","ts":1667194022.3878114,"logger":"http","msg":"done waiting on internal rate limiter","identifiers":["t1.mapchang.com"],"ca":"https://acme-v02.api.letsencrypt.org/directory","account":"caddy@zerossl.com"}
Oct 31 13:27:02 ecs-99f5 caddy[301444]: {"level":"error","ts":1667194022.7467384,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"t1.mapchang.com","issuer":"acme-v02.api.letsencrypt.org-directory","error":"HTTP 400 urn:ietf:params:acme:error:malformed - JWS verification error"}
Oct 31 13:27:03 ecs-99f5 caddy[301444]: {"level":"error","ts":1667194023.8481755,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"t1.mapchang.com","issuer":"acme.zerossl.com-v2-DV90","error":"[t1.mapchang.com] creating new order: fetching new nonce from server: HTTP 500:  (ca=https://acme.zerossl.com/v2/DV90)"}
Oct 31 13:27:03 ecs-99f5 caddy[301444]: {"level":"error","ts":1667194023.848254,"logger":"tls.obtain","msg":"will retry","error":"[t1.mapchang.com] Obtain: [t1.mapchang.com] creating new order: fetching new nonce from server: HTTP 500:  (ca=https://acme.zerossl.com/v2/DV90)","attempt":3,"retrying_in":120,"elapsed":187.721475166,"max_duration":2592000}

5. What I already tried:

1. Used another version of Caddy, 2.2.1, and got the same error.
2. I removed Caddy and reinstalled it; still not solved.

6. Links to relevant resources:

:thinking:

Could you try clearing out Caddy’s storage, so it starts from a fresh state? You might have broken keys or something.

You can find the storage at /var/lib/caddy/.local/share/caddy. Empty that out and restart Caddy with sudo systemctl restart caddy.

2 Likes
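
The storage reset suggested above, written as an added example (not from the original thread or the Caddy project): it moves the contents aside into a private backup instead of deleting them, since this directory holds the ACME account keys and certificate private keys. The function names, the `.bak-<timestamp>` naming, the `*.key` pattern and the stop/start ordering are assumptions of this example.

```shell
#!/bin/sh
# Added example: move Caddy's storage contents aside instead of deleting them.
set -u

# Move everything inside storage dir $1 into a sibling backup dir (mode 0700)
# and print the backup path. The storage dir itself, and its ownership, stay.
reset_caddy_storage() {
    storage="${1:?usage: reset_caddy_storage <storage-dir>}"
    [ -d "$storage" ] || { echo "not a directory: $storage" >&2; return 1; }
    storage="$(cd "$storage" && pwd -P)"        # resolve symlinks first
    case "$storage" in                          # guard against a mistyped path
        /|/var|/var/lib|/home|/root) echo "refusing: $storage" >&2; return 1 ;;
    esac

    backup="${storage}.bak-$(date -u +%Y%m%dT%H%M%SZ)"   # hypothetical naming
    # Account keys and certificate private keys live here: keep the copy private.
    ( umask 077 && mkdir "$backup" ) || return 1

    # -mindepth/-maxdepth 1 selects every top-level entry, dotfiles included.
    find "$storage" -mindepth 1 -maxdepth 1 -exec mv -- {} "$backup"/ \;
    # find does not report a failed mv, so confirm the directory is empty.
    [ -z "$(ls -A "$storage")" ] || { echo "storage not empty" >&2; return 1; }
    printf '%s\n' "$backup"
}

# List the private key files (*.key, assumed naming) in backup dir $1.
list_backed_up_keys() {
    find "$1" -type f -name '*.key' | sort
}

# Apply to the path from the reply above; run as root: sh reset.sh --apply
if [ "${1:-}" = "--apply" ]; then
    systemctl stop caddy      # assumption: stop first so nothing is written mid-move
    reset_caddy_storage /var/lib/caddy/.local/share/caddy
    systemctl start caddy
fi
```

The backup still contains private keys, so delete it once the new certificate has been issued and confirmed.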

After clearing the storage, the certificate was obtained successfully.
Thanks a lot.

1 Like
