Sure - here is a basic config with what I’m trying to do:
logging:
logs:
default:
level: DEBUG
apps:
http:
http_port: 80
https_port: 443
servers:
srv0:
listen:
- :8443
routes:
- match:
- host:
- foo.rayj2.dev.tilia-inc.com
handle:
- handler: subroute
routes:
- handle:
- handler: reverse_proxy
upstreams:
- dial: foo:80
terminal: true
- match:
- host:
- bar.rayj2.dev.tilia-inc.com
handle:
- handler: subroute
routes:
- handle:
- handler: reverse_proxy
upstreams:
- dial: bar:80
terminal: true
tls_connection_policies:
- match:
sni:
- foo.rayj2.dev.tilia-inc.com
client_authentication:
trusted_ca_certs_pem_files:
- /certs/ca.crt
mode: require_and_verify
- match:
sni:
- bar.rayj2.dev.tilia-inc.com
- {}
tls:
automation:
policies:
- subjects:
- '*.rayj2.dev.tilia-inc.com'
issuers:
- module: acme
ca: https://acme-staging-v02.api.letsencrypt.org/directory
challenges:
dns:
provider:
name: route53
- subjects:
- 'login.sansar.com'
issuers:
- module: internal
And here is the log output from caddy:
root@5c24d5340a96:/site# caddy run --config /config.yml --adapter yaml
2021/01/24 08:49:51.330 INFO using provided configuration {"config_file": "/config.yml", "config_adapter": "yaml"}
2021/01/24 08:49:51.332 INFO admin admin endpoint started {"address": "tcp/localhost:2019", "enforce_origin": false, "origins": ["localhost:2019", "[::1]:2019", "127.0.0.1:2019"]}
2021/01/24 08:49:51.332 INFO tls.cache.maintenance started background certificate maintenance {"cache": "0xc00017e620"}
2021/01/24 08:49:51.344 INFO http enabling automatic HTTP->HTTPS redirects {"server_name": "srv0"}
2021/01/24 08:49:51.345 INFO http enabling strict SNI-Host matching because TLS client auth is configured {"server_name": "srv0"}
2021/01/24 08:49:51.379 WARN pki.ca.local installing root certificate (you might be prompted for password) {"path": "storage:pki/authorities/local/root.crt"}
2021/01/24 08:49:51 Warning: "certutil" is not available, install "certutil" with "apt install libnss3-tools" or "yum install nss-tools" and try again
2021/01/24 08:49:51 define JAVA_HOME environment variable to use the Java trust
2021/01/24 08:49:51 certificate installed properly in linux trusts
2021/01/24 08:49:51.983 DEBUG http starting server loop {"address": "[::]:8443", "http3": false, "tls": true}
2021/01/24 08:49:51.983 DEBUG http starting server loop {"address": "[::]:80", "http3": false, "tls": false}
2021/01/24 08:49:51.983 INFO http enabling automatic TLS certificate management {"domains": ["foo.rayj2.dev.tilia-inc.com", "bar.rayj2.dev.tilia-inc.com"]}
2021/01/24 08:49:51.984 INFO tls cleaned up storage units
2021/01/24 08:49:51.984 INFO tls.obtain acquiring lock {"identifier": "foo.rayj2.dev.tilia-inc.com"}
2021/01/24 08:49:51.986 INFO tls.obtain lock acquired {"identifier": "foo.rayj2.dev.tilia-inc.com"}
2021/01/24 08:49:51.987 INFO tls.obtain acquiring lock {"identifier": "bar.rayj2.dev.tilia-inc.com"}
2021/01/24 08:49:51.987 INFO tls.obtain lock acquired {"identifier": "bar.rayj2.dev.tilia-inc.com"}
2021/01/24 08:49:51.986 INFO autosaved config {"file": "/root/.config/caddy/autosave.json"}
2021/01/24 08:49:51.989 INFO serving initial configuration
2021/01/24 08:49:52.162 DEBUG tls.issuance.acme.acme_client http request {"method": "GET", "url": "https://acme-staging-v02.api.letsencrypt.org/directory", "headers": {"User-Agent":["Caddy/2.3.0 CertMagic acmez (linux; amd64)"]}, "status_code": 200, "response_headers": {"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["724"],"Content-Type":["application/json"],"Date":["Sun, 24 Jan 2021 08:49:52 GMT"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}}
2021/01/24 08:49:52.212 DEBUG tls.issuance.acme.acme_client http request {"method": "HEAD", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce", "headers": {"User-Agent":["Caddy/2.3.0 CertMagic acmez (linux; amd64)"]}, "status_code": 200, "response_headers": {"Cache-Control":["public, max-age=0, no-cache"],"Date":["Sun, 24 Jan 2021 08:49:52 GMT"],"Link":["<https://acme-staging-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["0003xTBQee7kPGn5hgXL19BQOikYixGkWmNkXGNAniuK1c4"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}}
2021/01/24 08:49:52.276 DEBUG tls.issuance.acme.acme_client http request {"method": "POST", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/new-acct", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.3.0 CertMagic acmez (linux; amd64)"]}, "status_code": 201, "response_headers": {"Boulder-Requester":["17685901"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["285"],"Content-Type":["application/json"],"Date":["Sun, 24 Jan 2021 08:49:52 GMT"],"Link":["<https://acme-staging-v02.api.letsencrypt.org/directory>;rel=\"index\"","<https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf>;rel=\"terms-of-service\""],"Location":["https://acme-staging-v02.api.letsencrypt.org/acme/acct/17685901"],"Replay-Nonce":["0004AHPNHGi32gGVVo_p-m9tm_O20AJZzDC1_mXfiOo7dXg"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}}
2021/01/24 08:49:52.277 INFO tls.issuance.acme waiting on internal rate limiter {"identifiers": ["foo.rayj2.dev.tilia-inc.com"]}
2021/01/24 08:49:52.277 INFO tls.issuance.acme done waiting on internal rate limiter {"identifiers": ["foo.rayj2.dev.tilia-inc.com"]}
2021/01/24 08:49:52.337 DEBUG tls.issuance.acme.acme_client http request {"method": "HEAD", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce", "headers": {"User-Agent":["Caddy/2.3.0 CertMagic acmez (linux; amd64)"]}, "status_code": 200, "response_headers": {"Cache-Control":["public, max-age=0, no-cache"],"Date":["Sun, 24 Jan 2021 08:49:52 GMT"],"Link":["<https://acme-staging-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["0004p5j8vwULmD8emd1hii6jK5KCfJjPUqKxrvBDduVMLb8"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}}
2021/01/24 08:49:52.342 DEBUG tls.issuance.acme.acme_client http request {"method": "POST", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/new-order", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.3.0 CertMagic acmez (linux; amd64)"]}, "status_code": 201, "response_headers": {"Boulder-Requester":["17685901"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["361"],"Content-Type":["application/json"],"Date":["Sun, 24 Jan 2021 08:49:52 GMT"],"Link":["<https://acme-staging-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Location":["https://acme-staging-v02.api.letsencrypt.org/acme/order/17685901/227637346"],"Replay-Nonce":["0003ZIV1v4diIM00K4uQGNUwpF-HSCEud_PHYDSVspfQfwo"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}}
2021/01/24 08:49:52.396 DEBUG tls.issuance.acme.acme_client http request {"method": "POST", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/new-acct", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.3.0 CertMagic acmez (linux; amd64)"]}, "status_code": 201, "response_headers": {"Boulder-Requester":["17685902"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["285"],"Content-Type":["application/json"],"Date":["Sun, 24 Jan 2021 08:49:52 GMT"],"Link":["<https://acme-staging-v02.api.letsencrypt.org/directory>;rel=\"index\"","<https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf>;rel=\"terms-of-service\""],"Location":["https://acme-staging-v02.api.letsencrypt.org/acme/acct/17685902"],"Replay-Nonce":["00047DRhs7To1XoPTLgyOjDxgYeAKJeja2YSlFrx_8F-Hw8"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}}
2021/01/24 08:49:52.396 INFO tls.issuance.acme waiting on internal rate limiter {"identifiers": ["bar.rayj2.dev.tilia-inc.com"]}
2021/01/24 08:49:52.397 INFO tls.issuance.acme done waiting on internal rate limiter {"identifiers": ["bar.rayj2.dev.tilia-inc.com"]}
2021/01/24 08:49:52.398 DEBUG tls.issuance.acme.acme_client http request {"method": "POST", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/197501389", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.3.0 CertMagic acmez (linux; amd64)"]}, "status_code": 200, "response_headers": {"Boulder-Requester":["17685901"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["826"],"Content-Type":["application/json"],"Date":["Sun, 24 Jan 2021 08:49:52 GMT"],"Link":["<https://acme-staging-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["0003PR0mIYSNHeny5qSbtvz2SFPre8Hgkz-jM0VISm2Ml-4"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}}
2021/01/24 08:49:52.398 INFO tls.issuance.acme.acme_client trying to solve challenge {"identifier": "foo.rayj2.dev.tilia-inc.com", "challenge_type": "dns-01", "ca": "https://acme-staging-v02.api.letsencrypt.org/directory"}
2021/01/24 08:49:52.466 DEBUG tls.issuance.acme.acme_client http request {"method": "POST", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/new-order", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.3.0 CertMagic acmez (linux; amd64)"]}, "status_code": 201, "response_headers": {"Boulder-Requester":["17685902"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["361"],"Content-Type":["application/json"],"Date":["Sun, 24 Jan 2021 08:49:52 GMT"],"Link":["<https://acme-staging-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Location":["https://acme-staging-v02.api.letsencrypt.org/acme/order/17685902/227637347"],"Replay-Nonce":["0004JuYj94Uy3bB8jfeGeEA3afLhtm0N3nWJk5zJsScWBa4"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}}
2021/01/24 08:49:52.513 DEBUG tls.issuance.acme.acme_client http request {"method": "POST", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/197501390", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.3.0 CertMagic acmez (linux; amd64)"]}, "status_code": 200, "response_headers": {"Boulder-Requester":["17685902"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["826"],"Content-Type":["application/json"],"Date":["Sun, 24 Jan 2021 08:49:52 GMT"],"Link":["<https://acme-staging-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["0004kscA4NFftc5J6FtB603qoZWFDKkNE-23wMNyMdkF0ug"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}}
2021/01/24 08:49:52.513 INFO tls.issuance.acme.acme_client trying to solve challenge {"identifier": "bar.rayj2.dev.tilia-inc.com", "challenge_type": "dns-01", "ca": "https://acme-staging-v02.api.letsencrypt.org/directory"}
2021/01/24 08:49:56.347 ERROR tls.issuance.acme.acme_client cleaning up solver {"identifier": "foo.rayj2.dev.tilia-inc.com", "challenge_type": "dns-01", "error": "no memory of presenting a DNS record for foo.rayj2.dev.tilia-inc.com (probably OK if presenting failed)"}
2021/01/24 08:49:56.395 DEBUG tls.issuance.acme.acme_client http request {"method": "POST", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/197501389", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.3.0 CertMagic acmez (linux; amd64)"]}, "status_code": 200, "response_headers": {"Boulder-Requester":["17685901"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["830"],"Content-Type":["application/json"],"Date":["Sun, 24 Jan 2021 08:49:56 GMT"],"Link":["<https://acme-staging-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["0003zWjRHKdHOvM-Z3OygFGWMOx-bvKZ2yQgLgc0xj8uDYA"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}}
2021/01/24 08:49:56.395 ERROR tls.obtain will retry {"error": "[foo.rayj2.dev.tilia-inc.com] Obtain: [foo.rayj2.dev.tilia-inc.com] solving challenges: presenting for challenge: adding temporary record for zone dev.tilia-inc.com.: InvalidChangeBatch: InvalidChangeBatch: [Tried to create resource record set [name='_acme-challenge.foo.rayj2.dev.tilia-inc.com.', type='TXT'] but it already exists]\n\tstatus code: 400, request id: 4d186c0c-ac7a-4f7d-be48-cf5914cc972f (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/17685901/227637346) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)", "attempt": 1, "retrying_in": 60, "elapsed": 4.409548965, "max_duration": 2592000}
2021/01/24 08:49:56.413 ERROR tls.issuance.acme.acme_client cleaning up solver {"identifier": "bar.rayj2.dev.tilia-inc.com", "challenge_type": "dns-01", "error": "no memory of presenting a DNS record for bar.rayj2.dev.tilia-inc.com (probably OK if presenting failed)"}
2021/01/24 08:49:56.461 DEBUG tls.issuance.acme.acme_client http request {"method": "POST", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/197501390", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.3.0 CertMagic acmez (linux; amd64)"]}, "status_code": 200, "response_headers": {"Boulder-Requester":["17685902"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["830"],"Content-Type":["application/json"],"Date":["Sun, 24 Jan 2021 08:49:56 GMT"],"Link":["<https://acme-staging-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["0004PzsuZkjlwXzsTN2vb7_7ZIuCdZ2SaSwgyDaKrgDugzY"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}}
2021/01/24 08:49:56.462 ERROR tls.obtain will retry {"error": "[bar.rayj2.dev.tilia-inc.com] Obtain: [bar.rayj2.dev.tilia-inc.com] solving challenges: presenting for challenge: adding temporary record for zone dev.tilia-inc.com.: InvalidChangeBatch: InvalidChangeBatch: [Tried to create resource record set [name='_acme-challenge.bar.rayj2.dev.tilia-inc.com.', type='TXT'] but it already exists]\n\tstatus code: 400, request id: 03dc86e4-35b6-41e9-9e3a-73552783e870 (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/17685902/227637347) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)", "attempt": 1, "retrying_in": 60, "elapsed": 4.473865753, "max_duration": 2592000}
2021/01/24 08:50:56.579 DEBUG tls.issuance.acme.acme_client http request {"method": "HEAD", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce", "headers": {"User-Agent":["Caddy/2.3.0 CertMagic acmez (linux; amd64)"]}, "status_code": 200, "response_headers": {"Cache-Control":["public, max-age=0, no-cache"],"Date":["Sun, 24 Jan 2021 08:50:56 GMT"],"Link":["<https://acme-staging-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["0004eFIq0KTrF8PYh5Z_KZILlDP3-RBNMl9u-lgAcpk0CYA"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}}
2021/01/24 08:50:56.645 DEBUG tls.issuance.acme.acme_client http request {"method": "POST", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/new-order", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.3.0 CertMagic acmez (linux; amd64)"]}, "status_code": 201, "response_headers": {"Boulder-Requester":["17685902"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["361"],"Content-Type":["application/json"],"Date":["Sun, 24 Jan 2021 08:50:56 GMT"],"Link":["<https://acme-staging-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Location":["https://acme-staging-v02.api.letsencrypt.org/acme/order/17685902/227637851"],"Replay-Nonce":["0004Lm-Nem_QezDRTCRVPK6D9Qzdwr2nLZwEW6ZzLMlZcZg"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}}
2021/01/24 08:50:56.673 DEBUG tls.issuance.acme.acme_client http request {"method": "HEAD", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce", "headers": {"User-Agent":["Caddy/2.3.0 CertMagic acmez (linux; amd64)"]}, "status_code": 200, "response_headers": {"Cache-Control":["public, max-age=0, no-cache"],"Date":["Sun, 24 Jan 2021 08:50:56 GMT"],"Link":["<https://acme-staging-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["0004m_EtJY5s0yQMvWBgIjzlcmUoIagA1EiCcHSqY7caFUo"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}}
2021/01/24 08:50:56.726 DEBUG tls.issuance.acme.acme_client http request {"method": "POST", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/197501829", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.3.0 CertMagic acmez (linux; amd64)"]}, "status_code": 200, "response_headers": {"Boulder-Requester":["17685902"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["826"],"Content-Type":["application/json"],"Date":["Sun, 24 Jan 2021 08:50:56 GMT"],"Link":["<https://acme-staging-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["0004pjKFoJuYSLgfgdsCbGxst4HG60nBW_m9RqyDNYuplRw"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}}
2021/01/24 08:50:56.726 INFO tls.issuance.acme.acme_client trying to solve challenge {"identifier": "foo.rayj2.dev.tilia-inc.com", "challenge_type": "dns-01", "ca": "https://acme-staging-v02.api.letsencrypt.org/directory"}
2021/01/24 08:50:56.798 DEBUG tls.issuance.acme.acme_client http request {"method": "POST", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/new-order", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.3.0 CertMagic acmez (linux; amd64)"]}, "status_code": 201, "response_headers": {"Boulder-Requester":["17685902"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["361"],"Content-Type":["application/json"],"Date":["Sun, 24 Jan 2021 08:50:56 GMT"],"Link":["<https://acme-staging-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Location":["https://acme-staging-v02.api.letsencrypt.org/acme/order/17685902/227637852"],"Replay-Nonce":["00043LybTHKBo2mayzXwVOxlEqCybUV3bmlFfhJfNY32nWA"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}}
2021/01/24 08:50:56.847 DEBUG tls.issuance.acme.acme_client http request {"method": "POST", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/197501830", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.3.0 CertMagic acmez (linux; amd64)"]}, "status_code": 200, "response_headers": {"Boulder-Requester":["17685902"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["826"],"Content-Type":["application/json"],"Date":["Sun, 24 Jan 2021 08:50:56 GMT"],"Link":["<https://acme-staging-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["0004Kq2Xc3UjLAMfsa-TI0y3vP0BGIe5jSnotCzeB176AVg"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}}
2021/01/24 08:50:56.847 INFO tls.issuance.acme.acme_client trying to solve challenge {"identifier": "bar.rayj2.dev.tilia-inc.com", "challenge_type": "dns-01", "ca": "https://acme-staging-v02.api.letsencrypt.org/directory"}
2021/01/24 08:50:57.457 ERROR tls.issuance.acme.acme_client cleaning up solver {"identifier": "foo.rayj2.dev.tilia-inc.com", "challenge_type": "dns-01", "error": "no memory of presenting a DNS record for foo.rayj2.dev.tilia-inc.com (probably OK if presenting failed)"}
2021/01/24 08:50:57.511 DEBUG tls.issuance.acme.acme_client http request {"method": "POST", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/197501829", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.3.0 CertMagic acmez (linux; amd64)"]}, "status_code": 200, "response_headers": {"Boulder-Requester":["17685902"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["830"],"Content-Type":["application/json"],"Date":["Sun, 24 Jan 2021 08:50:57 GMT"],"Link":["<https://acme-staging-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["0003qqUEX79S4ByvFSozwRynljn_d2qAGPRD_9PNXrgCIT0"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}}
2021/01/24 08:50:57.511 ERROR tls.obtain will retry {"error": "[foo.rayj2.dev.tilia-inc.com] Obtain: [foo.rayj2.dev.tilia-inc.com] solving challenges: presenting for challenge: adding temporary record for zone dev.tilia-inc.com.: InvalidChangeBatch: InvalidChangeBatch: [Tried to create resource record set [name='_acme-challenge.foo.rayj2.dev.tilia-inc.com.', type='TXT'] but it already exists]\n\tstatus code: 400, request id: e7ca206d-72b3-423c-a379-eaabeddd269a (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/17685902/227637851) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)", "attempt": 2, "retrying_in": 120, "elapsed": 65.525519769, "max_duration": 2592000}
2021/01/24 08:50:57.569 ERROR tls.issuance.acme.acme_client cleaning up solver {"identifier": "bar.rayj2.dev.tilia-inc.com", "challenge_type": "dns-01", "error": "no memory of presenting a DNS record for bar.rayj2.dev.tilia-inc.com (probably OK if presenting failed)"}
2021/01/24 08:50:57.619 DEBUG tls.issuance.acme.acme_client http request {"method": "POST", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/197501830", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.3.0 CertMagic acmez (linux; amd64)"]}, "status_code": 200, "response_headers": {"Boulder-Requester":["17685902"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["830"],"Content-Type":["application/json"],"Date":["Sun, 24 Jan 2021 08:50:57 GMT"],"Link":["<https://acme-staging-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["0003p0rQS9pHIABmKNI0A4Dv1MtX4ET0RVtuAknSFX9ut7Y"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}}
2021/01/24 08:50:57.619 ERROR tls.obtain will retry {"error": "[bar.rayj2.dev.tilia-inc.com] Obtain: [bar.rayj2.dev.tilia-inc.com] solving challenges: presenting for challenge: adding temporary record for zone dev.tilia-inc.com.: InvalidChangeBatch: InvalidChangeBatch: [Tried to create resource record set [name='_acme-challenge.bar.rayj2.dev.tilia-inc.com.', type='TXT'] but it already exists]\n\tstatus code: 400, request id: c19c9838-50ed-4899-8fc7-85e57aea744f (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/17685902/227637852) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)", "attempt": 2, "retrying_in": 120, "elapsed": 65.631656277, "max_duration": 2592000}