1. Caddy version (caddy version
):
caddy 2.4.5
2. How I run Caddy:
systemctl start caddy
a. System environment:
ubuntu 20.04
b. Command:
Paste command here.
c. Service/unit/compose file:
Paste full file contents here.
Make sure backticks stay on their own lines,
and the post looks nice in the preview pane.
d. My complete Caddyfile or JSON config:
lsservice.poteviohealth.com {
proxy http://172.16.3.1:8080
}
3. The problem I’m having:
ERROR LOG:
4. Error messages and/or full log output:
Nov 04 17:53:17 ecs-172 caddy[29034]: {“level”:“error”,“ts”:1636019597.5060143,“logger”:“tls.issuance.acme.acme_client”,“msg”:“validating authorization”,“identifier”:“lsservice.poteviohealth.com”,“error”:“authorization failed: HTTP 400 urn:ietf:params:acme:error:connection - Timeout during connect (likely firewall problem)”,“order”:“https://acme-staging-v02.api.letsencrypt.org/acme/order/29278558/929551768",“attempt”:1,"max_attempts”:3}
Nov 04 17:53:19 ecs-172 caddy[29034]: {“level”:“info”,“ts”:1636019599.8625758,“logger”:“tls.issuance.acme.acme_client”,“msg”:“trying to solve challenge”,“identifier”:“lsservice.poteviohealth.com”,“challenge_type”:“http-01”,“ca”:“https://acme-staging-v02.api.letsencrypt.org/directory”}
Nov 04 17:53:30 ecs-172 caddy[29034]: {“level”:“error”,“ts”:1636019610.9546824,“logger”:“tls.issuance.acme.acme_client”,“msg”:“challenge failed”,“identifier”:“lsservice.poteviohealth.com”,“challenge_type”:“http-01”,“status_code”:400,“problem_type”:“urn:ietf:params:acme:error:connection”,“error”:“Fetching http://lsservice.poteviohealth.com/.well-known/acme-challenge/iKoW5vhqRhtcDQGkFP-KEMQKwirHvNTozZkgSOBdw3M: Timeout during connect (likely firewall problem)”}
Nov 04 17:53:30 ecs-172 caddy[29034]: {“level”:“error”,“ts”:1636019610.9547362,“logger”:“tls.issuance.acme.acme_client”,“msg”:“validating authorization”,“identifier”:“lsservice.poteviohealth.com”,“error”:“authorization failed: HTTP 400 urn:ietf:params:acme:error:connection - Fetching http://lsservice.poteviohealth.com/.well-known/acme-challenge/iKoW5vhqRhtcDQGkFP-KEMQKwirHvNTozZkgSOBdw3M: Timeout during connect (likely firewall problem)”,“order”:“https://acme-staging-v02.api.letsencrypt.org/acme/order/29278558/929552638",“attempt”:2,"max_attempts”:3}
Nov 04 17:53:32 ecs-172 caddy[29034]: {“level”:“error”,“ts”:1636019612.681397,“logger”:“tls.obtain”,“msg”:“could not get certificate from issuer”,“identifier”:“lsservice.poteviohealth.com”,“issuer”:“acme-v02.api.letsencrypt.org-directory”,“error”:"[lsservice.poteviohealth.com] solving challenges: lsservice.poteviohealth.com: no solvers available for remaining challenges (configured=[http-01 tls-alpn-01] offered=[http-01 dns-01 tls-alpn-01] remaining=[dns-01]) (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/29278558/929553358) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)"}
Nov 04 17:53:32 ecs-172 caddy[29034]: {“level”:“warn”,“ts”:1636019612.6816492,“logger”:“tls.issuance.zerossl”,“msg”:“missing email address for ZeroSSL; it is strongly recommended to set one for next time”}
Nov 04 17:53:34 ecs-172 caddy[29034]: {“level”:“info”,“ts”:1636019614.0510418,“logger”:“tls.issuance.zerossl”,“msg”:“generated EAB credentials”,“key_id”:“vLNtbw9wl0Vie-aFzhYJcg”}
Nov 04 17:53:36 ecs-172 caddy[29034]: {“level”:“info”,“ts”:1636019616.1453888,“logger”:“tls.issuance.acme.acme_client”,“msg”:“trying to solve challenge”,“identifier”:“lsservice.poteviohealth.com”,“challenge_type”:“http-01”,“ca”:“https://acme.zerossl.com/v2/DV90”}
Nov 04 17:58:40 ecs-172 caddy[29034]: {“level”:“error”,“ts”:1636019920.6592124,“logger”:“tls.obtain”,“msg”:“could not get certificate from issuer”,“identifier”:“lsservice.poteviohealth.com”,“issuer”:“acme.zerossl.com-v2-DV90”,“error”:"[lsservice.poteviohealth.com] solving challenges: [lsservice.poteviohealth.com] authorization took too long (order=https://acme.zerossl.com/v2/DV90/order/-ApOJvdCHx2wO-T6jKQaQw) (ca=https://acme.zerossl.com/v2/DV90)"}
Nov 04 17:58:40 ecs-172 caddy[29034]: {“level”:“error”,“ts”:1636019920.6592784,“logger”:“tls.obtain”,“msg”:“will retry”,“error”:"[lsservice.poteviohealth.com] Obtain: [lsservice.poteviohealth.com] solving challenges: [lsservice.poteviohealth.com] authorization took too long (order=https://acme.zerossl.com/v2/DV90/order/-ApOJvdCHx2wO-T6jKQaQw) (ca=https://acme.zerossl.com/v2/DV90)",“attempt”:8,“retrying_in”:1800,“elapsed”:6222.505001371,“max_duration”:2592000}
5. What I already tried:
I live in China, so the network to other country is bad.
I told the IT admin to check if the network from other country to the inside network is ok, and got YES.
BUT I am not sure, because I can’t check it from other country.
And