1. The problem I’m having:
I use the caddy-dns module desec and it works quite good except that caddy don’t wait long enough for the challenge.
I can see via the dig command that the txt record is created but it requiers more time to be seen in the DNS then the caddy expect.
dig @ns1.desec.io _acme-challenge.livesystem.at txt +short
"64cTStcRwzZ3uKLxfnK25delmIIFhVwJmqQNZ1kAm4o"
{"level":"debug","ts":"2025-08-26T10:42:50.313+0200","msg":"waiting for solver before continuing","identifier":"*.livesystem.at","challenge_type":"dns-01"}
##--- wait less then a minute
{"level":"debug","ts":"2025-08-26T10:43:40.825+0200","msg":"done waiting for solver","identifier":"*.livesystem.at","challenge_type":"dns-01"}
I would like to increase the timeout to at least 2m but it’s not clear to me where I should put the timeout value from tls (Caddyfile directive) — Caddy Documentation for the dns challenge.
2. Error messages and/or full log output:
alex@alex-tuxedoinfinitybooks1517gen7 on 26/08/2025 at 10:42:46_CEST /datadisk/Downloads/caddyserver $
# ./caddy_linux_amd64_custom run --config Caddyfile
2025/08/26 08:42:48.395 INFO maxprocs: Leaving GOMAXPROCS=16: CPU quota undefined
2025/08/26 08:42:48.395 INFO GOMEMLIMIT is updated {"package": "github.com/KimMachineGun/automemlimit/memlimit", "GOMEMLIMIT": 30009872793, "previous": 9223372036854775807}
2025/08/26 08:42:48.395 INFO using config from file {"file": "Caddyfile"}
2025/08/26 08:42:48.396 INFO adapted config to JSON {"adapter": "caddyfile"}
2025/08/26 08:42:48.396 INFO redirected default logger {"from": "stderr", "to": "stdout"}
{"level":"info","ts":"2025-08-26T10:42:48.396+0200","logger":"admin","msg":"admin endpoint started","address":"0.0.0.0:2019","enforce_origin":false,"origins":["//0.0.0.0:2019"]}
{"level":"warn","ts":"2025-08-26T10:42:48.396+0200","logger":"admin","msg":"admin endpoint on open interface; host checking disabled","address":"0.0.0.0:2019"}
{"level":"info","ts":"2025-08-26T10:42:48.396+0200","logger":"http.auto_https","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"main","https_port":8443}
{"level":"info","ts":"2025-08-26T10:42:48.396+0200","logger":"http.auto_https","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"main"}
{"level":"debug","ts":"2025-08-26T10:42:48.396+0200","logger":"http.auto_https","msg":"adjusted config","tls":{"automation":{"policies":[{}]}},"http":{"http_port":8080,"https_port":8443,"servers":{"main":{"listen":[":8443"],"read_timeout":300000000000,"read_header_timeout":10000000000,"write_timeout":300000000000,"idle_timeout":600000000000,"keepalive_interval":300000000000,"routes":[{"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"vars","root":"/datadisk/Downloads/ferronweb/ferron-2.0.0-beta.16/wwwroot/"}]},{"handle":[{"handler":"vars","log_skip":true}],"match":[{"path":["/metrics"]}]},{"handle":[{"handler":"vars","log_skip":true}],"match":[{"path":["/health"]}]},{"handle":[{"encodings":{"br":{"level":8},"gzip":{"level":5},"zstd":{}},"handler":"encode","prefer":["br","gzip","zstd"]}]},{"handle":[{"close":true,"handler":"static_response","status_code":200}],"match":[{"path":["/health"]}]},{"handle":[{"handler":"file_server","hide":["./Caddyfile"],"precompressed":{"gzip":{}},"precompressed_order":["gzip"]}]}]}],"terminal":true}],"tls_connection_policies":[{}],"automatic_https":{},"logs":{"logger_names":{"*.livesystem.at":[""]}},"protocols":["h1","h2","h3"]},"remaining_auto_https_redirects":{"listen":[":8080"],"routes":[{},{}],"logs":{"logger_names":{"*.livesystem.at":[""]}}}},"metrics":{"per_host":true}}}
{"level":"info","ts":"2025-08-26T10:42:48.396+0200","logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0xc000594d80"}
{"level":"debug","ts":"2025-08-26T10:42:48.397+0200","logger":"http","msg":"starting server loop","address":"[::]:8080","tls":false,"http3":false}
{"level":"warn","ts":"2025-08-26T10:42:48.397+0200","logger":"http","msg":"HTTP/2 skipped because it requires TLS","network":"tcp","addr":":8080"}
{"level":"warn","ts":"2025-08-26T10:42:48.397+0200","logger":"http","msg":"HTTP/3 skipped because it requires TLS","network":"tcp","addr":":8080"}
{"level":"info","ts":"2025-08-26T10:42:48.397+0200","logger":"http.log","msg":"server running","name":"remaining_auto_https_redirects","protocols":["h1","h2","h3"]}
{"level":"debug","ts":"2025-08-26T10:42:48.397+0200","logger":"http","msg":"starting server loop","address":"[::]:8443","tls":true,"http3":false}
{"level":"info","ts":"2025-08-26T10:42:48.397+0200","logger":"http","msg":"enabling HTTP/3 listener","addr":":8443"}
2025/08/26 08:42:48.397 INFO failed to sufficiently increase receive buffer size (was: 208 kiB, wanted: 7168 kiB, got: 416 kiB). See https://github.com/quic-go/quic-go/wiki/UDP-Buffer-Sizes for details.
{"level":"info","ts":"2025-08-26T10:42:48.397+0200","logger":"http.log","msg":"server running","name":"main","protocols":["h1","h2","h3"]}
{"level":"info","ts":"2025-08-26T10:42:48.397+0200","logger":"http","msg":"enabling automatic TLS certificate management","domains":["*.livesystem.at"]}
{"level":"debug","ts":"2025-08-26T10:42:48.397+0200","logger":"events","msg":"event","name":"started","id":"7648241c-7607-438d-8157-c21dc27e3877","origin":"","data":null}
{"level":"info","ts":"2025-08-26T10:42:48.397+0200","msg":"autosaved config (load with --resume flag)","file":"/home/alex/.config/caddy/autosave.json"}
2025/08/26 08:42:48.397 INFO serving initial configuration
{"level":"info","ts":"2025-08-26T10:42:48.407+0200","logger":"tls.obtain","msg":"acquiring lock","identifier":"*.livesystem.at"}
{"level":"info","ts":"2025-08-26T10:42:48.407+0200","logger":"tls","msg":"storage cleaning happened too recently; skipping for now","storage":"FileStorage::/var/lib/flatpak/exports/share/caddy","instance":"a79d8fec-7fbf-4dc3-b7f3-7b4f774b7568","try_again":"2025-08-27T10:42:48.407+0200","try_again_in":86399999}
{"level":"info","ts":"2025-08-26T10:42:48.407+0200","logger":"tls","msg":"finished cleaning storage units"}
{"level":"info","ts":"2025-08-26T10:42:48.408+0200","logger":"tls.obtain","msg":"lock acquired","identifier":"*.livesystem.at"}
{"level":"info","ts":"2025-08-26T10:42:48.408+0200","logger":"tls.obtain","msg":"obtaining certificate","identifier":"*.livesystem.at"}
{"level":"debug","ts":"2025-08-26T10:42:48.408+0200","logger":"events","msg":"event","name":"cert_obtaining","id":"8b405d50-aa45-4ddb-90d7-2b8dc1db3e95","origin":"tls","data":{"identifier":"*.livesystem.at"}}
{"level":"debug","ts":"2025-08-26T10:42:48.408+0200","logger":"tls","msg":"created CSR","identifiers":["*.livesystem.at"],"san_dns_names":["*.livesystem.at"],"san_emails":[],"common_name":"","extra_extensions":0}
{"level":"debug","ts":"2025-08-26T10:42:48.409+0200","logger":"tls.obtain","msg":"trying issuer 1/2","issuer":"acme-v02.api.letsencrypt.org-directory"}
{"level":"debug","ts":"2025-08-26T10:42:48.409+0200","logger":"http","msg":"using existing ACME account because key found in storage associated with email","email":"al-letest@none.at","ca":"https://acme-v02.api.letsencrypt.org/directory"}
{"level":"info","ts":"2025-08-26T10:42:48.409+0200","logger":"http","msg":"waiting on internal rate limiter","identifiers":["*.livesystem.at"],"ca":"https://acme-v02.api.letsencrypt.org/directory","account":"al-letest@none.at"}
{"level":"info","ts":"2025-08-26T10:42:48.409+0200","logger":"http","msg":"done waiting on internal rate limiter","identifiers":["*.livesystem.at"],"ca":"https://acme-v02.api.letsencrypt.org/directory","account":"al-letest@none.at"}
{"level":"info","ts":"2025-08-26T10:42:48.409+0200","logger":"http","msg":"using ACME account","account_id":"https://acme-v02.api.letsencrypt.org/acme/acct/2619603087","account_contact":["mailto:al-letest@none.at"]}
{"level":"debug","ts":"2025-08-26T10:42:49.370+0200","msg":"http request","method":"GET","url":"https://acme-v02.api.letsencrypt.org/directory","headers":{"User-Agent":["Caddy/2.10.2 CertMagic acmez (linux; amd64)"]},"response_headers":{"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["995"],"Content-Type":["application/json"],"Date":["Tue, 26 Aug 2025 08:42:49 GMT"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]},"status_code":200}
{"level":"debug","ts":"2025-08-26T10:42:49.371+0200","msg":"creating order","account":"https://acme-v02.api.letsencrypt.org/acme/acct/2619603087","identifiers":["*.livesystem.at"]}
{"level":"debug","ts":"2025-08-26T10:42:49.505+0200","msg":"http request","method":"HEAD","url":"https://acme-v02.api.letsencrypt.org/acme/new-nonce","headers":{"User-Agent":["Caddy/2.10.2 CertMagic acmez (linux; amd64)"]},"response_headers":{"Cache-Control":["public, max-age=0, no-cache"],"Date":["Tue, 26 Aug 2025 08:42:49 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["-lpoG98Ajy2DGvfTSpDqSSNUpsBrgXcCBeFL69dCTm4CPrH6ONk"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]},"status_code":200}
{"level":"debug","ts":"2025-08-26T10:42:49.761+0200","msg":"http request","method":"POST","url":"https://acme-v02.api.letsencrypt.org/acme/new-order","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.10.2 CertMagic acmez (linux; amd64)"]},"response_headers":{"Boulder-Requester":["2619603087"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["349"],"Content-Type":["application/json"],"Date":["Tue, 26 Aug 2025 08:42:49 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Location":["https://acme-v02.api.letsencrypt.org/acme/order/2619603087/421698487597"],"Replay-Nonce":["-lpoG98AjQh2WrAzdRSpwB7-AvGLE-pJwjY3Mak6TIHwy2mQlT4"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]},"status_code":201}
{"level":"debug","ts":"2025-08-26T10:42:49.900+0200","msg":"http request","method":"POST","url":"https://acme-v02.api.letsencrypt.org/acme/authz/2619603087/574429580057","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.10.2 CertMagic acmez (linux; amd64)"]},"response_headers":{"Boulder-Requester":["2619603087"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["395"],"Content-Type":["application/json"],"Date":["Tue, 26 Aug 2025 08:42:49 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["-lpoG98AtlBcRXGmLu1cBYb3cat4SWYJXbxZTf1c0Be0y5sPw7o"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]},"status_code":200}
{"level":"info","ts":"2025-08-26T10:42:49.901+0200","msg":"trying to solve challenge","identifier":"*.livesystem.at","challenge_type":"dns-01","ca":"https://acme-v02.api.letsencrypt.org/directory"}
{"level":"debug","ts":"2025-08-26T10:42:50.313+0200","msg":"waiting for solver before continuing","identifier":"*.livesystem.at","challenge_type":"dns-01"}
{"level":"debug","ts":"2025-08-26T10:43:40.825+0200","msg":"done waiting for solver","identifier":"*.livesystem.at","challenge_type":"dns-01"}
{"level":"debug","ts":"2025-08-26T10:43:40.963+0200","msg":"http request","method":"POST","url":"https://acme-v02.api.letsencrypt.org/acme/chall/2619603087/574429580057/QjZ-RQ","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.10.2 CertMagic acmez (linux; amd64)"]},"response_headers":{"Boulder-Requester":["2619603087"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["194"],"Content-Type":["application/json"],"Date":["Tue, 26 Aug 2025 08:43:40 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\"","<https://acme-v02.api.letsencrypt.org/acme/authz/2619603087/574429580057>;rel=\"up\""],"Location":["https://acme-v02.api.letsencrypt.org/acme/chall/2619603087/574429580057/QjZ-RQ"],"Replay-Nonce":["OkLCVishAEgD5i0uHG9w8mhC6FWpCclZSCsO53bFnCQNf3QM1z4"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]},"status_code":200}
{"level":"debug","ts":"2025-08-26T10:43:40.963+0200","msg":"challenge accepted","identifier":"*.livesystem.at","challenge_type":"dns-01"}
{"level":"debug","ts":"2025-08-26T10:43:41.350+0200","msg":"http request","method":"POST","url":"https://acme-v02.api.letsencrypt.org/acme/authz/2619603087/574429580057","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.10.2 CertMagic acmez (linux; amd64)"]},"response_headers":{"Boulder-Requester":["2619603087"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["395"],"Content-Type":["application/json"],"Date":["Tue, 26 Aug 2025 08:43:41 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["-lpoG98ARLxoZAEKZ3l7VYsmmQcV6DhlRap0dPxM16bH-6DPOlM"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]},"status_code":200}
{"level":"debug","ts":"2025-08-26T10:43:41.739+0200","msg":"http request","method":"POST","url":"https://acme-v02.api.letsencrypt.org/acme/authz/2619603087/574429580057","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.10.2 CertMagic acmez (linux; amd64)"]},"response_headers":{"Boulder-Requester":["2619603087"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["830"],"Content-Type":["application/json"],"Date":["Tue, 26 Aug 2025 08:43:41 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["OkLCVishp0g18Uzd4ebEYgoP5UXrzn7bShmd2L_C_Uz4VSLzDBc"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]},"status_code":200}
{"level":"error","ts":"2025-08-26T10:43:42.016+0200","msg":"challenge failed","identifier":"*.livesystem.at","challenge_type":"dns-01","problem":{"type":"urn:ietf:params:acme:error:dns","title":"","detail":"During secondary validation: DNS problem: NXDOMAIN looking up TXT for _acme-challenge.livesystem.at - check that a DNS record exists for this domain","instance":"","subproblems":null},"stacktrace":"github.com/mholt/acmez/v3.(*Client).pollAuthorization\n\tgithub.com/mholt/acmez/v3@v3.1.2/client.go:557\ngithub.com/mholt/acmez/v3.(*Client).solveChallenges\n\tgithub.com/mholt/acmez/v3@v3.1.2/client.go:378\ngithub.com/mholt/acmez/v3.(*Client).ObtainCertificate\n\tgithub.com/mholt/acmez/v3@v3.1.2/client.go:136\ngithub.com/caddyserver/certmagic.(*ACMEIssuer).doIssue\n\tgithub.com/caddyserver/certmagic@v0.24.0/acmeissuer.go:489\ngithub.com/caddyserver/certmagic.(*ACMEIssuer).Issue\n\tgithub.com/caddyserver/certmagic@v0.24.0/acmeissuer.go:382\ngithub.com/caddyserver/caddy/v2/modules/caddytls.(*ACMEIssuer).Issue\n\tgithub.com/caddyserver/caddy/v2@v2.10.2/modules/caddytls/acmeissuer.go:288\ngithub.com/caddyserver/certmagic.(*Config).obtainCert.func2\n\tgithub.com/caddyserver/certmagic@v0.24.0/config.go:626\ngithub.com/caddyserver/certmagic.doWithRetry\n\tgithub.com/caddyserver/certmagic@v0.24.0/async.go:104\ngithub.com/caddyserver/certmagic.(*Config).obtainCert\n\tgithub.com/caddyserver/certmagic@v0.24.0/config.go:700\ngithub.com/caddyserver/certmagic.(*Config).ObtainCertAsync\n\tgithub.com/caddyserver/certmagic@v0.24.0/config.go:505\ngithub.com/caddyserver/certmagic.(*Config).manageOne.func1\n\tgithub.com/caddyserver/certmagic@v0.24.0/config.go:415\ngithub.com/caddyserver/certmagic.(*jobManager).worker\n\tgithub.com/caddyserver/certmagic@v0.24.0/async.go:73"}
{"level":"error","ts":"2025-08-26T10:43:42.016+0200","msg":"validating authorization","identifier":"*.livesystem.at","problem":{"type":"urn:ietf:params:acme:error:dns","title":"","detail":"During secondary validation: DNS problem: NXDOMAIN looking up TXT for _acme-challenge.livesystem.at - check that a DNS record exists for this domain","instance":"","subproblems":null},"order":"https://acme-v02.api.letsencrypt.org/acme/order/2619603087/421698487597","attempt":1,"max_attempts":3,"stacktrace":"github.com/mholt/acmez/v3.(*Client).ObtainCertificate\n\tgithub.com/mholt/acmez/v3@v3.1.2/client.go:152\ngithub.com/caddyserver/certmagic.(*ACMEIssuer).doIssue\n\tgithub.com/caddyserver/certmagic@v0.24.0/acmeissuer.go:489\ngithub.com/caddyserver/certmagic.(*ACMEIssuer).Issue\n\tgithub.com/caddyserver/certmagic@v0.24.0/acmeissuer.go:382\ngithub.com/caddyserver/caddy/v2/modules/caddytls.(*ACMEIssuer).Issue\n\tgithub.com/caddyserver/caddy/v2@v2.10.2/modules/caddytls/acmeissuer.go:288\ngithub.com/caddyserver/certmagic.(*Config).obtainCert.func2\n\tgithub.com/caddyserver/certmagic@v0.24.0/config.go:626\ngithub.com/caddyserver/certmagic.doWithRetry\n\tgithub.com/caddyserver/certmagic@v0.24.0/async.go:104\ngithub.com/caddyserver/certmagic.(*Config).obtainCert\n\tgithub.com/caddyserver/certmagic@v0.24.0/config.go:700\ngithub.com/caddyserver/certmagic.(*Config).ObtainCertAsync\n\tgithub.com/caddyserver/certmagic@v0.24.0/config.go:505\ngithub.com/caddyserver/certmagic.(*Config).manageOne.func1\n\tgithub.com/caddyserver/certmagic@v0.24.0/config.go:415\ngithub.com/caddyserver/certmagic.(*jobManager).worker\n\tgithub.com/caddyserver/certmagic@v0.24.0/async.go:73"}
{"level":"error","ts":"2025-08-26T10:43:42.016+0200","logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"*.livesystem.at","issuer":"acme-v02.api.letsencrypt.org-directory","error":"HTTP 400 urn:ietf:params:acme:error:dns - During secondary validation: DNS problem: NXDOMAIN looking up TXT for _acme-challenge.livesystem.at - check that a DNS record exists for this domain"}
{"level":"debug","ts":"2025-08-26T10:43:42.017+0200","logger":"tls.obtain","msg":"trying issuer 2/2","issuer":"acme.zerossl.com-v2-DV90"}
{"level":"debug","ts":"2025-08-26T10:43:42.017+0200","logger":"http","msg":"using existing ACME account because key found in storage associated with email","email":"al-letest@none.at","ca":"https://acme.zerossl.com/v2/DV90"}
{"level":"info","ts":"2025-08-26T10:43:42.017+0200","logger":"http","msg":"waiting on internal rate limiter","identifiers":["*.livesystem.at"],"ca":"https://acme.zerossl.com/v2/DV90","account":"al-letest@none.at"}
{"level":"info","ts":"2025-08-26T10:43:42.017+0200","logger":"http","msg":"done waiting on internal rate limiter","identifiers":["*.livesystem.at"],"ca":"https://acme.zerossl.com/v2/DV90","account":"al-letest@none.at"}
{"level":"info","ts":"2025-08-26T10:43:42.017+0200","logger":"http","msg":"using ACME account","account_id":"https://acme.zerossl.com/v2/DV90/account/9ddQeo0XSEPi22by_nrLjg","account_contact":["mailto:al-letest@none.at"]}
{"level":"debug","ts":"2025-08-26T10:43:42.418+0200","msg":"http request","method":"GET","url":"https://acme.zerossl.com/v2/DV90","headers":{"User-Agent":["Caddy/2.10.2 CertMagic acmez (linux; amd64)"]},"response_headers":{"Access-Control-Allow-Origin":["*"],"Content-Length":["712"],"Content-Type":["application/json"],"Date":["Tue, 26 Aug 2025 08:43:42 GMT"],"Server":["nginx"],"Strict-Transport-Security":["max-age=31536000; includeSubDomains"]},"status_code":200}
{"level":"debug","ts":"2025-08-26T10:43:42.419+0200","msg":"creating order","account":"https://acme.zerossl.com/v2/DV90/account/9ddQeo0XSEPi22by_nrLjg","identifiers":["*.livesystem.at"]}
{"level":"debug","ts":"2025-08-26T10:43:42.718+0200","msg":"http request","method":"HEAD","url":"https://acme.zerossl.com/v2/DV90/newNonce","headers":{"User-Agent":["Caddy/2.10.2 CertMagic acmez (linux; amd64)"]},"response_headers":{"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=0, no-cache, no-store"],"Content-Type":["application/octet-stream"],"Date":["Tue, 26 Aug 2025 08:43:42 GMT"],"Link":["<https://acme.zerossl.com/v2/DV90>;rel=\"index\""],"Replay-Nonce":["TAPRTMcerExAzlDSnIvjsYBs5NKYBk4UBdGnzRsWCDA"],"Server":["nginx"],"Strict-Transport-Security":["max-age=31536000; includeSubDomains"]},"status_code":200}
{"level":"debug","ts":"2025-08-26T10:43:42.999+0200","msg":"http request","method":"POST","url":"https://acme.zerossl.com/v2/DV90/newOrder","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.10.2 CertMagic acmez (linux; amd64)"]},"response_headers":{"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=0, no-cache, no-store"],"Content-Length":["277"],"Content-Type":["application/json"],"Date":["Tue, 26 Aug 2025 08:43:42 GMT"],"Location":["https://acme.zerossl.com/v2/DV90/order/4LcQ_0zBK1whoFflus-2Cw"],"Replay-Nonce":["p6hE1jCFjLb-vN3HSCnxFKnist0cmMCk2gYZ-AHIWqw"],"Server":["nginx"],"Strict-Transport-Security":["max-age=31536000; includeSubDomains"]},"status_code":201}
{"level":"debug","ts":"2025-08-26T10:43:43.305+0200","msg":"http request","method":"POST","url":"https://acme.zerossl.com/v2/DV90/authz/STXaHCxHoFASaeJ-6m3KGA","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.10.2 CertMagic acmez (linux; amd64)"]},"response_headers":{"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=0, no-cache, no-store"],"Content-Length":["300"],"Content-Type":["application/json"],"Date":["Tue, 26 Aug 2025 08:43:43 GMT"],"Link":["<https://acme.zerossl.com/v2/DV90>;rel=\"index\""],"Replay-Nonce":["ZyMHyJoPg5BLKIT-6NDROLtzvtMKMjXJoOVBh87gPtA"],"Retry-After":["86400"],"Server":["nginx"],"Strict-Transport-Security":["max-age=31536000; includeSubDomains"]},"status_code":200}
{"level":"info","ts":"2025-08-26T10:43:43.306+0200","msg":"trying to solve challenge","identifier":"*.livesystem.at","challenge_type":"dns-01","ca":"https://acme.zerossl.com/v2/DV90"}
{"level":"debug","ts":"2025-08-26T10:43:43.584+0200","msg":"waiting for solver before continuing","identifier":"*.livesystem.at","challenge_type":"dns-01"}
{"level":"debug","ts":"2025-08-26T10:43:45.606+0200","msg":"done waiting for solver","identifier":"*.livesystem.at","challenge_type":"dns-01"}
{"level":"debug","ts":"2025-08-26T10:43:45.903+0200","msg":"http request","method":"POST","url":"https://acme.zerossl.com/v2/DV90/chall/PuLRRWVvd40kGsz2GZUMBQ","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.10.2 CertMagic acmez (linux; amd64)"]},"response_headers":{"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=0, no-cache, no-store"],"Content-Length":["163"],"Content-Type":["application/json"],"Date":["Tue, 26 Aug 2025 08:43:45 GMT"],"Link":["<https://acme.zerossl.com/v2/DV90/authz/STXaHCxHoFASaeJ-6m3KGA>;rel=\"up\""],"Replay-Nonce":["67cjy7jAzQiwknsuB-CWZKD7hpBadiraKWqg4nXaeaQ"],"Retry-After":["60"],"Server":["nginx"],"Strict-Transport-Security":["max-age=31536000; includeSubDomains"]},"status_code":200}
{"level":"debug","ts":"2025-08-26T10:43:45.903+0200","msg":"challenge accepted","identifier":"*.livesystem.at","challenge_type":"dns-01"}
{"level":"debug","ts":"2025-08-26T10:43:46.447+0200","msg":"http request","method":"POST","url":"https://acme.zerossl.com/v2/DV90/authz/STXaHCxHoFASaeJ-6m3KGA","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.10.2 CertMagic acmez (linux; amd64)"]},"response_headers":{"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=0, no-cache, no-store"],"Content-Length":["300"],"Content-Type":["application/json"],"Date":["Tue, 26 Aug 2025 08:43:46 GMT"],"Link":["<https://acme.zerossl.com/v2/DV90>;rel=\"index\""],"Replay-Nonce":["uLgS9SI1ekFa-Sm79jcMBbycur1mLGPuH8YaXs2FzTk"],"Retry-After":["86400"],"Server":["nginx"],"Strict-Transport-Security":["max-age=31536000; includeSubDomains"]},"status_code":200}
^C{"level":"info","ts":"2025-08-26T10:48:29.983+0200","msg":"shutting down","signal":"SIGINT"}
{"level":"warn","ts":"2025-08-26T10:48:29.983+0200","msg":"exiting; byeee!! 👋","signal":"SIGINT"}
{"level":"debug","ts":"2025-08-26T10:48:29.983+0200","logger":"events","msg":"event","name":"stopping","id":"cebefec5-4aaf-4bdc-afef-c28c15201da5","origin":"","data":null}
{"level":"info","ts":"2025-08-26T10:48:29.983+0200","logger":"http","msg":"servers shutting down with eternal grace period"}
{"level":"info","ts":"2025-08-26T10:48:29.984+0200","logger":"admin","msg":"stopped previous server","address":"0.0.0.0:2019"}
{"level":"info","ts":"2025-08-26T10:48:29.984+0200","msg":"shutdown complete","signal":"SIGINT","exit_code":0}
alex@alex-tuxedoinfinitybooks1517gen7 on 26/08/2025 at 10:48:29_CEST /datadisk/Downloads/caddyserver $
3. Caddy version:
# ./caddy_linux_amd64_custom version
v2.10.2 h1:g/gTYjGMD0dec+UgMw8SnfmJ3I9+M2TdvoRL/Ovu6U8=
4. How I installed and ran Caddy:
I have downloaded the caddy from the download site and added the br, upload and desec module to the caddy
# ./caddy_linux_amd64_custom list-modules
...
Standard modules: 127
dns.providers.desec
http.encoders.br
http.handlers.upload
Non-standard modules: 3
a. System environment:
Ubuntu 20.04
b. Command:
# ./caddy_linux_amd64_custom run --config Caddyfile
c. Service/unit/compose file:
None
d. My complete Caddy config:
#https://github.com/caddy-dns/desec
# with desec dns provider
# ./caddy_linux_amd64_custom validate --config Caddyfile
{
debug
http_port 8080
https_port 8443
# https://caddyserver.com/docs/caddyfile/options
email "my-email"
acme_dns desec {
token "------"
}
# Prom Metrics
metrics {
per_host
}
admin 0.0.0.0:2019
servers :8443 {
name main
protocols h1 h2 h3
keepalive_interval 300s
timeouts {
read_body 300s
read_header 10s
write 300s
idle 10m
}
}
log default {
output stdout
format json {
time_format iso8601
duration_format ms
}
}
}
https://*.DOMAIN:8443 {
log
log_skip /health
log_skip /metrics
respond /health 200 {
close
}
encode {
br 8 15
gzip 5
zstd
}
root "wwwroot/"
file_server {
precompressed gzip
}
}