Https on digital ocean with ubuntu 14.04

Leland-Kwong · November 5, 2016, 4:37am

I can’t quite figure out why it fails to get a certificate. The log output is:

Activating privacy features...2016/11/05 00:36:15 [INFO][lelandkwong.com] acme: Obtaining bundled SAN certificate
2016/11/05 00:36:15 [INFO][lelandkwong.com] acme: Trying to solve HTTP-01
2016/11/05 00:36:21 [lelandkwong.com] failed to get certificate: acme: Error 400 - urn:acme:error:connection - Could not connect to lelandkwong.com
Error Detail:
	Validation for lelandkwong.com:80
	Resolved to:
		159.203.246.76
	Used: 159.203.246.76

Any ideas would be appreciated.

Thanks!

matt · November 5, 2016, 3:15pm

Looks like your port 80 is inaccessible for some reason.

Leland-Kwong · November 5, 2016, 11:55pm

I reinstalled caddy with the dns option.

my caddyfile is:

lelandkwong.com, www.lelandkwong.com
tls {
  dns digitalocean
}

This time I got this:

Activating privacy features...2016/11/05 19:53:15 [INFO][lelandkwong.com] acme: Obtaining bundled SAN certificate
2016/11/05 19:53:16 [INFO][lelandkwong.com] acme: Could not find solver for: http-01
2016/11/05 19:53:16 [INFO][lelandkwong.com] acme: Trying to solve DNS-01
2016/11/05 19:53:16 [lelandkwong.com] failed to get certificate: Error presenting token: HTTP 401: unauthorized: Unable to authenticate you.

Leland-Kwong · November 5, 2016, 11:59pm

Actually, I realized I need to set credentials for the environment variable, I’ll try that first.

Leland-Kwong · November 6, 2016, 12:08am

I’m so clueless at this server stuff. What does it mean to set the environment variable for ‘digital ocean’ with DO_AUTH_TOKEN?

matt · November 6, 2016, 12:17am

In order to use Digital Ocean’s API, you need an auth token from your DO account. So you can get that from your DO account under API settings or something (you might have to create one).

But yeah, once you set that env var, it should work for you! (Assuming your domain’s nameservers are at DigitalOcean.)

Leland-Kwong · November 6, 2016, 1:28am

Thanks Matt. After tons of trial and error, I finally got https working!

Leland-Kwong · November 6, 2016, 1:30am

Thought I’d add that this helped me get things going.

vintagesucks · November 7, 2016, 8:27am

Glad to hear my little script helped you, @Leland-Kwong

radionov · November 17, 2018, 9:16am

Just stuck with same 403 error and then figured out that I didn’t allow write access in DO panel. I know it’s silly but can be helpful to somebody.