1. The problem I’m having:
I’m trying to set up Caddy with my domain name that I have with DuckDns, which is all set up the way it should be. Since my modem won’t allow for open ports on 80 or 443 (ISP limitation), getting a certificate through Let’s Encrypt or ZeroSSL is not going to work. So I’m trying to set up a DNS challenge instead, but for some reason, Caddy just ignores this and insists on trying to get a certificate (and failing).
I’m an absolute newbie at this, and I’m just completely stumped as to what I’m doing wrong. Any help would be much obliged.
2. Error messages and/or full log output:
D:\Caddy>caddy_windows_amd64 run --config Caddyfile
2023/12/27 01:04:00.290 ←[34mINFO←[0m using provided configuration {"config_file": "Caddyfile", "config_adapter": ""}
2023/12/27 01:04:00.294 ←[33mWARN←[0m Caddyfile input is not formatted; run 'caddy fmt --overwrite' to fix inconsistencies {"adapter": "caddyfile", "file": "Caddyfile", "line": 2}
2023/12/27 01:04:00.312 ←[34mINFO←[0m admin admin endpoint started {"address": "localhost:2019", "enforce_origin": false, "origins": ["//localhost:2019", "//[::1]:2019", "//127.0.0.1:2019"]}
2023/12/27 01:04:00.313 ←[34mINFO←[0m tls.cache.maintenance started background certificate maintenance {"cache": "0xc000517a00"}
2023/12/27 01:04:00.313 ←[34mINFO←[0m http.auto_https server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS {"server_name": "srv0", "https_port": 443}
2023/12/27 01:04:00.313 ←[34mINFO←[0m http.auto_https enabling automatic HTTP->HTTPS redirects {"server_name": "srv0"}
2023/12/27 01:04:00.313 ←[35mDEBUG←[0m http.auto_https adjusted config {"tls": {"automation":{"policies":[{"subjects":["wiroxmedia.duckdns.org"]},{}]}}, "http": {"servers":{"remaining_auto_https_redirects":{"listen":[":80"],"routes":[{},{}]},"srv0":{"listen":[":443"],"routes":[{"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"reverse_proxy","upstreams":[{"dial":"localhost:9876"}]}]}]}],"terminal":true}],"tls_connection_policies":[{}],"automatic_https":{}}}}}
2023/12/27 01:04:00.314 ←[34mINFO←[0m http enabling HTTP/3 listener {"addr": ":443"}
2023/12/27 01:04:00.315 ←[35mDEBUG←[0m http starting server loop {"address": "[::]:443", "tls": true, "http3": true}
2023/12/27 01:04:00.318 ←[34mINFO←[0m http.log server running {"name": "srv0", "protocols": ["h1", "h2", "h3"]}
2023/12/27 01:04:00.319 ←[35mDEBUG←[0m http starting server loop {"address": "[::]:80", "tls": false, "http3": false}
2023/12/27 01:04:00.320 ←[34mINFO←[0m http.log server running {"name": "remaining_auto_https_redirects", "protocols": ["h1", "h2", "h3"]}
2023/12/27 01:04:00.320 ←[34mINFO←[0m http enabling automatic TLS certificate management {"domains": ["wiroxmedia.duckdns.org"]}
2023/12/27 01:04:00.324 ←[34mINFO←[0m autosaved config (load with --resume flag) {"file": "C:\\Users\\ellen\\AppData\\Roaming\\Caddy\\autosave.json"}
2023/12/27 01:04:00.326 ←[34mINFO←[0m serving initial configuration
2023/12/27 01:04:00.333 ←[33mWARN←[0m tls storage cleaning happened too recently; skipping for now {"storage": "FileStorage:C:\\Users\\ellen\\AppData\\Roaming\\Caddy", "instance": "aecb92b6-8153-4c62-88ce-36ea2a6cdf79", "try_again": "2023/12/28 01:04:00.333", "try_again_in": 86400}
2023/12/27 01:04:00.354 ←[34mINFO←[0m tls.obtain acquiring lock {"identifier": "wiroxmedia.duckdns.org"}
2023/12/27 01:04:00.356 ←[34mINFO←[0m [INFO][FileStorage:C:\Users\ellen\AppData\Roaming\Caddy] Lock for 'issue_cert_wiroxmedia.duckdns.org' is stale (created: 2023-12-27 02:01:38.6957431 +0100 CET, last update: 2023-12-27 02:03:44.1510076 +0100 CET); removing then retrying: C:\Users\ellen\AppData\Roaming\Caddy\locks\issue_cert_wiroxmedia.duckdns.org.lock
2023/12/27 01:04:00.369 ←[34mINFO←[0m tls.obtain lock acquired {"identifier": "wiroxmedia.duckdns.org"}
2023/12/27 01:04:00.370 ←[34mINFO←[0m tls.obtain obtaining certificate {"identifier": "wiroxmedia.duckdns.org"}
2023/12/27 01:04:00.370 ←[35mDEBUG←[0m events event {"name": "cert_obtaining", "id": "691c8b08-7bb7-4a46-86ea-0b8e6e5ad6b4", "origin": "tls", "data": {"identifier":"wiroxmedia.duckdns.org"}}
2023/12/27 01:04:00.372 ←[35mDEBUG←[0m tls.obtain trying issuer 1/2 {"issuer": "acme-v02.api.letsencrypt.org-directory"}
2023/12/27 01:04:00.374 ←[34mINFO←[0m tls.issuance.acme waiting on internal rate limiter {"identifiers": ["wiroxmedia.duckdns.org"], "ca": "https://acme-v02.api.letsencrypt.org/directory", "account": ""}
2023/12/27 01:04:00.375 ←[34mINFO←[0m tls.issuance.acme done waiting on internal rate limiter {"identifiers": ["wiroxmedia.duckdns.org"], "ca": "https://acme-v02.api.letsencrypt.org/directory", "account": ""}
2023/12/27 01:04:00.386 ←[34mINFO←[0m tls finished cleaning storage units
2023/12/27 01:04:00.866 ←[35mDEBUG←[0m tls.issuance.acme.acme_client http request {"method": "GET", "url": "https://acme-v02.api.letsencrypt.org/directory", "headers": {"User-Agent":["Caddy/2.7.6 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["752"],"Content-Type":["application/json"],"Date":["Wed, 27 Dec 2023 01:04:00 GMT"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}, "status_code": 200}
2023/12/27 01:04:01.010 ←[35mDEBUG←[0m tls.issuance.acme.acme_client http request {"method": "HEAD", "url": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "headers": {"User-Agent":["Caddy/2.7.6 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Cache-Control":["public, max-age=0, no-cache"],"Date":["Wed, 27 Dec 2023 01:04:00 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["T8gQgmcoE0t2_mS-3wEyFIDHLgqNHDYuaGaUdZleOG86hzeOo8U"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}, "status_code": 200}
2023/12/27 01:04:01.347 ←[35mDEBUG←[0m tls.issuance.acme.acme_client http request {"method": "POST", "url": "https://acme-v02.api.letsencrypt.org/acme/new-order", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.7.6 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Boulder-Requester":["1485556586"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["348"],"Content-Type":["application/json"],"Date":["Wed, 27 Dec 2023 01:04:01 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Location":["https://acme-v02.api.letsencrypt.org/acme/order/1485556586/232132844686"],"Replay-Nonce":["xavOoKHvgQXFSEJEy69WBHhqLlZhSUmZkalrkKra7mubqnkzmD8"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}, "status_code": 201}
2023/12/27 01:04:01.489 ←[35mDEBUG←[0m tls.issuance.acme.acme_client http request {"method": "POST", "url": "https://acme-v02.api.letsencrypt.org/acme/authz-v3/297768303956", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.7.6 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Boulder-Requester":["1485556586"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["806"],"Content-Type":["application/json"],"Date":["Wed, 27 Dec 2023 01:04:01 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["xavOoKHvc2GoKu9wEZl4q0JilnYMOlq0Qpvh0USQFKamFzw-ql0"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}, "status_code": 200}
2023/12/27 01:04:01.491 ←[35mDEBUG←[0m tls.issuance.acme.acme_client no solver configured {"challenge_type": "tls-alpn-01"}
2023/12/27 01:04:01.497 ←[35mDEBUG←[0m tls.issuance.acme.acme_client no solver configured {"challenge_type": "http-01"}
2023/12/27 01:04:01.497 ←[34mINFO←[0m tls.issuance.acme.acme_client trying to solve challenge {"identifier": "wiroxmedia.duckdns.org", "challenge_type": "dns-01", "ca": "https://acme-v02.api.letsencrypt.org/directory"}
2023/12/27 01:04:02.483 ←[35mDEBUG←[0m tls.issuance.acme.acme_client waiting for solver before continuing {"identifier": "wiroxmedia.duckdns.org", "challenge_type": "dns-01"}
2023/12/27 01:04:25.033 ←[35mDEBUG←[0m tls.issuance.acme.acme_client done waiting for solver {"identifier": "wiroxmedia.duckdns.org", "challenge_type": "dns-01"}
2023/12/27 01:04:25.339 ←[35mDEBUG←[0m tls.issuance.acme.acme_client http request {"method": "POST", "url": "https://acme-v02.api.letsencrypt.org/acme/authz-v3/297768303956", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.7.6 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Boulder-Requester":["1485556586"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["810"],"Content-Type":["application/json"],"Date":["Wed, 27 Dec 2023 01:04:25 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["T8gQgmcolOaxjHEpsv7PzdkO_i2RVjvBZ6sXvrg0ob2lQo_8ArU"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}, "status_code": 200}
2023/12/27 01:04:25.339 ←[31mERROR←[0m tls.obtain could not get certificate from issuer {"identifier": "wiroxmedia.duckdns.org", "issuer": "acme-v02.api.letsencrypt.org-directory", "error": "[wiroxmedia.duckdns.org] solving challenges: waiting for solver certmagic.solverWrapper to be ready: checking DNS propagation of \"_acme-challenge.wiroxmedia.duckdns.org\": dial tcp 99.79.16.64:53: i/o timeout (order=https://acme-v02.api.letsencrypt.org/acme/order/1485556586/232132844686) (ca=https://acme-v02.api.letsencrypt.org/directory)"}
2023/12/27 01:04:25.341 ←[35mDEBUG←[0m tls.obtain trying issuer 2/2 {"issuer": "acme.zerossl.com-v2-DV90"}
2023/12/27 01:04:25.344 ←[34mINFO←[0m tls.issuance.zerossl waiting on internal rate limiter {"identifiers": ["wiroxmedia.duckdns.org"], "ca": "https://acme.zerossl.com/v2/DV90", "account": "caddy@zerossl.com"}
2023/12/27 01:04:25.344 ←[34mINFO←[0m tls.issuance.zerossl done waiting on internal rate limiter {"identifiers": ["wiroxmedia.duckdns.org"], "ca": "https://acme.zerossl.com/v2/DV90", "account": "caddy@zerossl.com"}
2023/12/27 01:04:25.838 ←[35mDEBUG←[0m tls.issuance.zerossl.acme_client http request {"method": "GET", "url": "https://acme.zerossl.com/v2/DV90", "headers": {"User-Agent":["Caddy/2.7.6 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Access-Control-Allow-Origin":["*"],"Content-Length":["645"],"Content-Type":["application/json"],"Date":["Wed, 27 Dec 2023 01:04:25 GMT"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15724800; includeSubDomains"]}, "status_code": 200}
2023/12/27 01:04:26.643 ←[35mDEBUG←[0m tls.issuance.zerossl.acme_client http request {"method": "HEAD", "url": "https://acme.zerossl.com/v2/DV90/newNonce", "headers": {"User-Agent":["Caddy/2.7.6 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=0, no-cache, no-store"],"Content-Type":["application/octet-stream"],"Date":["Wed, 27 Dec 2023 01:04:26 GMT"],"Link":["<https://acme.zerossl.com/v2/DV90>;rel=\"index\""],"Replay-Nonce":["BNuXGnK0xqPJMHpIldnU10xfJBCpnBIe9kfqvDQh5NA"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15724800; includeSubDomains"]}, "status_code": 200}
2023/12/27 01:04:27.558 ←[35mDEBUG←[0m tls.issuance.zerossl.acme_client http request {"method": "POST", "url": "https://acme.zerossl.com/v2/DV90/newOrder", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.7.6 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=0, no-cache, no-store"],"Content-Length":["284"],"Content-Type":["application/json"],"Date":["Wed, 27 Dec 2023 01:04:27 GMT"],"Location":["https://acme.zerossl.com/v2/DV90/order/zGmbi4HkaEhpMQuljFfNZQ"],"Replay-Nonce":["LpWYZ3SlQqpgvvoMB53LZOzj8PnQljbQpyGbMg1vmOc"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15724800; includeSubDomains"]}, "status_code": 201}
2023/12/27 01:04:28.475 ←[35mDEBUG←[0m tls.issuance.zerossl.acme_client http request {"method": "POST", "url": "https://acme.zerossl.com/v2/DV90/authz/w4V8NXynSGozRYlYyNvRww", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.7.6 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=0, no-cache, no-store"],"Content-Length":["452"],"Content-Type":["application/json"],"Date":["Wed, 27 Dec 2023 01:04:28 GMT"],"Link":["<https://acme.zerossl.com/v2/DV90>;rel=\"index\""],"Replay-Nonce":["fHDMOrpauc_o593e6xUaXObUIyIc98NB3bmA7aX9jXc"],"Retry-After":["5"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15724800; includeSubDomains"]}, "status_code": 200}
2023/12/27 01:04:28.475 ←[35mDEBUG←[0m tls.issuance.zerossl.acme_client no solver configured {"challenge_type": "http-01"}
2023/12/27 01:04:28.479 ←[34mINFO←[0m tls.issuance.zerossl.acme_client trying to solve challenge {"identifier": "wiroxmedia.duckdns.org", "challenge_type": "dns-01", "ca": "https://acme.zerossl.com/v2/DV90"}
2023/12/27 01:04:28.620 ←[35mDEBUG←[0m tls.issuance.zerossl.acme_client waiting for solver before continuing
{"identifier": "wiroxmedia.duckdns.org", "challenge_type": "dns-01"}
2023/12/27 01:04:51.849 ←[35mDEBUG←[0m tls.issuance.zerossl.acme_client done waiting for solver {"identifier": "wiroxmedia.duckdns.org", "challenge_type": "dns-01"}
2023/12/27 01:04:53.076 ←[35mDEBUG←[0m tls.issuance.zerossl.acme_client http request {"method": "POST", "url": "https://acme.zerossl.com/v2/DV90/authz/w4V8NXynSGozRYlYyNvRww", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.7.6 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=0, no-cache, no-store"],"Content-Length":["134"],"Content-Type":["application/json"],"Date":["Wed, 27 Dec 2023 01:04:53 GMT"],"Link":["<https://acme.zerossl.com/v2/DV90>;rel=\"index\""],"Replay-Nonce":["9f7WWB0WKD_11JZEe3m93PIi4-HFcrHZGO1NnynxZLg"],"Retry-After":["86400"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15724800; includeSubDomains"]}, "status_code": 200}
2023/12/27 01:04:53.077 ←[31mERROR←[0m tls.obtain could not get certificate from issuer {"identifier": "wiroxmedia.duckdns.org", "issuer": "acme.zerossl.com-v2-DV90", "error": "[wiroxmedia.duckdns.org] solving challenges: waiting for solver certmagic.solverWrapper to be ready: checking DNS propagation of \"_acme-challenge.wiroxmedia.duckdns.org\": dial tcp 99.79.16.64:53: i/o timeout (order=https://acme.zerossl.com/v2/DV90/order/zGmbi4HkaEhpMQuljFfNZQ) (ca=https://acme.zerossl.com/v2/DV90)"}
2023/12/27 01:04:53.082 ←[35mDEBUG←[0m events event {"name": "cert_failed", "id": "15ab889d-34bf-446d-9e53-d0ce8f1dff6c", "origin": "tls", "data": {"error":{},"identifier":"wiroxmedia.duckdns.org","issuers":["acme-v02.api.letsencrypt.org-directory","acme.zerossl.com-v2-DV90"],"renewal":false}}
2023/12/27 01:04:53.083 ←[31mERROR←[0m tls.obtain will retry {"error": "[wiroxmedia.duckdns.org] Obtain: [wiroxmedia.duckdns.org] solving challenges: waiting for solver certmagic.solverWrapper to be ready: checking DNS propagation of \"_acme-challenge.wiroxmedia.duckdns.org\": dial tcp 99.79.16.64:53: i/o timeout (order=https://acme.zerossl.com/v2/DV90/order/zGmbi4HkaEhpMQuljFfNZQ) (ca=https://acme.zerossl.com/v2/DV90)", "attempt": 1, "retrying_in": 60, "elapsed": 52.7138924, "max_duration": 2592000}
2023/12/27 01:05:53.099 ←[34mINFO←[0m tls.obtain obtaining certificate {"identifier": "wiroxmedia.duckdns.org"}
2023/12/27 01:05:53.099 ←[35mDEBUG←[0m events event {"name": "cert_obtaining", "id": "16624ba9-cb73-4a62-a0da-48629c7c84bc", "origin": "tls", "data": {"identifier":"wiroxmedia.duckdns.org"}}
2023/12/27 01:05:53.105 ←[35mDEBUG←[0m tls.obtain trying issuer 1/2 {"issuer": "acme-v02.api.letsencrypt.org-directory"}
2023/12/27 01:05:53.961 ←[35mDEBUG←[0m tls.issuance.acme.acme_client http request {"method": "GET", "url": "https://acme-staging-v02.api.letsencrypt.org/directory", "headers": {"User-Agent":["Caddy/2.7.6 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["826"],"Content-Type":["application/json"],"Date":["Wed, 27 Dec 2023 01:05:53 GMT"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}, "status_code": 200}
2023/12/27 01:05:54.135 ←[35mDEBUG←[0m tls.issuance.acme.acme_client http request {"method": "HEAD", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce", "headers": {"User-Agent":["Caddy/2.7.6 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Cache-Control":["public, max-age=0, no-cache"],"Date":["Wed, 27 Dec 2023 01:05:54 GMT"],"Link":["<https://acme-staging-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["rk02RH96-h4P26gkODw5fZkSpNAhkzemCcOpeQltdHZxAHlLdiY"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}, "status_code": 200}
2023/12/27 01:05:54.352 ←[35mDEBUG←[0m tls.issuance.acme.acme_client http request {"method": "POST", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/new-order", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.7.6 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Boulder-Requester":["130266264"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["361"],"Content-Type":["application/json"],"Date":["Wed, 27 Dec 2023 01:05:54 GMT"],"Link":["<https://acme-staging-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Location":["https://acme-staging-v02.api.letsencrypt.org/acme/order/130266264/13232569554"],"Replay-Nonce":["rk02RH96euBX8Ys-cC3oQl2_1ER-hdRvlYKhcJAlq9WynR_qLvs"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}, "status_code": 201}
2023/12/27 01:05:54.525 ←[35mDEBUG←[0m tls.issuance.acme.acme_client http request {"method": "POST", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/10270392784", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.7.6 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Boulder-Requester":["130266264"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["827"],"Content-Type":["application/json"],"Date":["Wed, 27 Dec 2023 01:05:54 GMT"],"Link":["<https://acme-staging-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["mMpbWOlL7nPK-pVV1n5GzRtQ8GGV_Gu8Ny82UvYLWskxr5ZX9AQ"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}, "status_code": 200}
2023/12/27 01:05:54.526 ←[35mDEBUG←[0m tls.issuance.acme.acme_client no solver configured {"challenge_type": "tls-alpn-01"}
2023/12/27 01:05:54.531 ←[35mDEBUG←[0m tls.issuance.acme.acme_client no solver configured {"challenge_type": "http-01"}
2023/12/27 01:05:54.532 ←[34mINFO←[0m tls.issuance.acme.acme_client trying to solve challenge {"identifier": "wiroxmedia.duckdns.org", "challenge_type": "dns-01", "ca": "https://acme-staging-v02.api.letsencrypt.org/directory"}
2023/12/27 01:05:54.661 ←[35mDEBUG←[0m tls.issuance.acme.acme_client waiting for solver before continuing {"identifier": "wiroxmedia.duckdns.org", "challenge_type": "dns-01"}
2023/12/27 01:06:18.307 ←[35mDEBUG←[0m tls.issuance.acme.acme_client done waiting for solver {"identifier": "wiroxmedia.duckdns.org", "challenge_type": "dns-01"}
2023/12/27 01:06:18.622 ←[35mDEBUG←[0m tls.issuance.acme.acme_client http request {"method": "POST", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/10270392784", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.7.6 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Boulder-Requester":["130266264"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["831"],"Content-Type":["application/json"],"Date":["Wed, 27 Dec 2023 01:06:18 GMT"],"Link":["<https://acme-staging-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["mMpbWOlLH3J74pdnuiFMIJ8c6v82Q-t8E4nZgLICPiYGLiE9lwA"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}, "status_code": 200}
2023/12/27 01:06:18.623 ←[31mERROR←[0m tls.obtain could not get certificate from issuer {"identifier": "wiroxmedia.duckdns.org", "issuer": "acme-v02.api.letsencrypt.org-directory", "error": "[wiroxmedia.duckdns.org] solving challenges: waiting for solver certmagic.solverWrapper to be ready: checking DNS propagation of \"_acme-challenge.wiroxmedia.duckdns.org\": dial tcp 99.79.16.64:53: i/o timeout (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/130266264/13232569554) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)"}
2023/12/27 01:06:18.628 ←[35mDEBUG←[0m tls.obtain trying issuer 2/2 {"issuer": "acme.zerossl.com-v2-DV90"}
2023/12/27 01:06:19.451 ←[35mDEBUG←[0m tls.issuance.zerossl.acme_client http request {"method": "HEAD", "url": "https://acme.zerossl.com/v2/DV90/newNonce", "headers": {"User-Agent":["Caddy/2.7.6 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=0, no-cache, no-store"],"Content-Type":["application/octet-stream"],"Date":["Wed, 27 Dec 2023 01:06:19 GMT"],"Link":["<https://acme.zerossl.com/v2/DV90>;rel=\"index\""],"Replay-Nonce":["klx2-REOEopcLj_PSMteYKxv-mF22e6bvdfEFvrJKmo"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15724800; includeSubDomains"]}, "status_code": 200}
2023/12/27 01:06:19.937 ←[35mDEBUG←[0m tls.issuance.zerossl.acme_client http request {"method": "POST", "url": "https://acme.zerossl.com/v2/DV90/newOrder", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.7.6 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=0, no-cache, no-store"],"Content-Length":["284"],"Content-Type":["application/json"],"Date":["Wed, 27 Dec 2023 01:06:19 GMT"],"Location":["https://acme.zerossl.com/v2/DV90/order/N9gThVP0t8BhD7g6PdjSSQ"],"Replay-Nonce":["4Wva_Br2AxYK0Rj-NDJyPR7ifseQSWsYbG1YtFXQp1M"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15724800; includeSubDomains"]}, "status_code": 201}
2023/12/27 01:06:20.291 ←[35mDEBUG←[0m tls.issuance.zerossl.acme_client http request {"method": "POST", "url": "https://acme.zerossl.com/v2/DV90/authz/qSOoC8Ec-dxASTaAWZhw9w", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.7.6 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=0, no-cache, no-store"],"Content-Length":["452"],"Content-Type":["application/json"],"Date":["Wed, 27 Dec 2023 01:06:20 GMT"],"Link":["<https://acme.zerossl.com/v2/DV90>;rel=\"index\""],"Replay-Nonce":["9yV3FLby78zA-ZoCcMxBwlglYR3OfFpjuAhz80vcF2o"],"Retry-After":["5"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15724800; includeSubDomains"]}, "status_code": 200}
2023/12/27 01:06:20.291 ←[35mDEBUG←[0m tls.issuance.zerossl.acme_client no solver configured {"challenge_type": "http-01"}
2023/12/27 01:06:20.294 ←[34mINFO←[0m tls.issuance.zerossl.acme_client trying to solve challenge {"identifier": "wiroxmedia.duckdns.org", "challenge_type": "dns-01", "ca": "https://acme.zerossl.com/v2/DV90"}
2023/12/27 01:06:20.423 ←[35mDEBUG←[0m tls.issuance.zerossl.acme_client waiting for solver before continuing
{"identifier": "wiroxmedia.duckdns.org", "challenge_type": "dns-01"}
3. Caddy version:
v2.7.6
4. How I installed and ran Caddy:
a. System environment:
Windows 10, installer from Caddy website with duckdns package added, running through a command prompt with a caddyfile. Caddy installed as a service.
b. Command:
caddy_windows_amd64 run --config Caddyfile
c. Service/unit/compose file:
d. My complete Caddy config:
wiroxmedia.duckdns.org {
tls {
dns duckdns REDACTED
}
reverse_proxy localhost:9876