1. My Caddy version (caddy version
):
./caddy version
2020/04/03 16:58:22 args:2 - Error during parsing: Unknown directive 'version'
It’s the latest 1.x release on GitHub on MacOS
2. How I run Caddy:
I can’t seem to get Caddy to work anymore?
a. System environment:
IP is: 134.122.101.204
DNS A record exists:
ping -c 1 134.122.101.204
PING 134.122.101.204 (134.122.101.204): 56 data bytes
64 bytes from 134.122.101.204: icmp_seq=0 ttl=49 time=17.525 ms
ping -c 1 dashboard.myfaas.club
PING dashboard.myfaas.club (34.122.101.204): 56 data bytes
b. Command:
sudo ./caddy
sudo
was required to access port 80 and 443, when I omitted sudo, then it ran with the tls-alpn-01 solver
which also didn’t work
c. Service/unit/compose file:
paste full file contents here
d. My complete Caddyfile or JSON config:
dashboard.myfaas.club
proxy / 127.0.0.1:3000 {
transparent
}
3. The problem I’m having:
I’d like to get a TLS cert over HTTP01
4. Error messages and/or full log output:
space-mini:caddy_v1.0.4_darwin_amd64 alex$ sudo ./caddy
Password:
Activating privacy features... 2020/04/03 16:56:15 [INFO] [dashboard.myfaas.club] acme: Obtaining bundled SAN certificate
2020/04/03 16:56:15 [INFO] [dashboard.myfaas.club] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/3738850036
2020/04/03 16:56:15 [INFO] [dashboard.myfaas.club] acme: Could not find solver for: tls-alpn-01
2020/04/03 16:56:15 [INFO] [dashboard.myfaas.club] acme: use http-01 solver
2020/04/03 16:56:15 [INFO] [dashboard.myfaas.club] acme: Trying to solve HTTP-01
2020/04/03 16:56:30 [INFO] Deactivating auth: https://acme-v02.api.letsencrypt.org/acme/authz-v3/3738850036
2020/04/03 16:56:30 [INFO] Unable to deactivate the authorization: https://acme-v02.api.letsencrypt.org/acme/authz-v3/3738850036
2020/04/03 16:56:31 [INFO] [dashboard.myfaas.club] acme: Obtaining bundled SAN certificate
2020/04/03 16:56:32 [INFO] [dashboard.myfaas.club] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/3738853539
2020/04/03 16:56:32 [INFO] [dashboard.myfaas.club] acme: Could not find solver for: tls-alpn-01
2020/04/03 16:56:32 [INFO] [dashboard.myfaas.club] acme: use http-01 solver
2020/04/03 16:56:32 [INFO] [dashboard.myfaas.club] acme: Trying to solve HTTP-01
2020/04/03 16:56:44 [INFO] Deactivating auth: https://acme-v02.api.letsencrypt.org/acme/authz-v3/3738853539
2020/04/03 16:56:44 [INFO] Unable to deactivate the authorization: https://acme-v02.api.letsencrypt.org/acme/authz-v3/3738853539
2020/04/03 16:56:45 [INFO] [dashboard.myfaas.club] acme: Obtaining bundled SAN certificate
2020/04/03 16:56:47 [INFO] [dashboard.myfaas.club] acme: Obtaining bundled SAN certificate
2020/04/03 16:56:48 [INFO] [dashboard.myfaas.club] acme: Obtaining bundled SAN certificate
2020/04/03 16:56:49 [INFO] [dashboard.myfaas.club] acme: Obtaining bundled SAN certificate
2020/04/03 16:56:50 failed to obtain certificate: acme: error: 429 :: POST :: https://acme-v02.api.letsencrypt.org/acme/new-order :: urn:ietf:params:acme:error:rateLimited :: Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/, url:
5. What I already tried:
space-mini:caddy_v1.0.4_darwin_amd64 alex$ ./caddy
Activating privacy features...
Your sites will be served over HTTPS automatically using Let's Encrypt.
By continuing, you agree to the Let's Encrypt Subscriber Agreement at:
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf
Please enter your email address to signify agreement and to be notified
in case of issues. You can leave it blank, but we don't recommend it.
Email address: web@openfaas.com
2020/04/03 16:46:48 [INFO] acme: Registering account for web@openfaas.com
2020/04/03 16:46:48 [INFO] [dashboard.myfaas.club] acme: Obtaining bundled SAN certificate
2020/04/03 16:46:49 [INFO] [dashboard.myfaas.club] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/3738725881
2020/04/03 16:46:49 [INFO] [dashboard.myfaas.club] acme: use tls-alpn-01 solver
2020/04/03 16:46:49 [INFO] [dashboard.myfaas.club] acme: Trying to solve TLS-ALPN-01
2020/04/03 16:47:05 [INFO] Deactivating auth: https://acme-v02.api.letsencrypt.org/acme/authz-v3/3738725881
2020/04/03 16:47:05 [INFO] Unable to deactivate the authorization: https://acme-v02.api.letsencrypt.org/acme/authz-v3/3738725881
2020/04/03 16:47:06 [INFO] [dashboard.myfaas.club] acme: Obtaining bundled SAN certificate
2020/04/03 16:47:06 [INFO] [dashboard.myfaas.club] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/3738729880
2020/04/03 16:47:06 [INFO] [dashboard.myfaas.club] acme: use tls-alpn-01 solver
2020/04/03 16:47:06 [INFO] [dashboard.myfaas.club] acme: Trying to solve TLS-ALPN-01
2020/04/03 16:47:25 [INFO] Deactivating auth: https://acme-v02.api.letsencrypt.org/acme/authz-v3/3738729880
2020/04/03 16:47:25 [INFO] Unable to deactivate the authorization: https://acme-v02.api.letsencrypt.org/acme/authz-v3/3738729880
2020/04/03 16:47:26 [INFO] [dashboard.myfaas.club] acme: Obtaining bundled SAN certificate
2020/04/03 16:47:26 [INFO] [dashboard.myfaas.club] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/3738734240
2020/04/03 16:47:26 [INFO] [dashboard.myfaas.club] acme: use tls-alpn-01 solver
2020/04/03 16:47:26 [INFO] [dashboard.myfaas.club] acme: Trying to solve TLS-ALPN-01
Also curl to the upstream is working OK
curl 127.0.0.1:3000
<a href="/login">Found</a>.
I also tried using additional ca flags to use staging and to force off the alpn solver:
sudo ./caddy -ca=https://acme-staging-v02.api.letsencrypt.org/directory -disable-tls-alpn-challenge
Activating privacy features... 2020/04/03 17:11:49 [INFO] [dashboard.myfaas.club] acme: Obtaining bundled SAN certificate
2020/04/03 17:11:50 [INFO] [dashboard.myfaas.club] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/47273662
2020/04/03 17:11:50 [INFO] [dashboard.myfaas.club] acme: Could not find solver for: tls-alpn-01
2020/04/03 17:11:50 [INFO] [dashboard.myfaas.club] acme: use http-01 solver
2020/04/03 17:11:50 [INFO] [dashboard.myfaas.club] acme: Trying to solve HTTP-01
2020/04/03 17:12:06 [INFO] Deactivating auth: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/47273662
2020/04/03 17:12:07 [INFO] Unable to deactivate the authorization: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/47273662
2020/04/03 17:12:08 [INFO] [dashboard.myfaas.club] acme: Obtaining bundled SAN certificate
2020/04/03 17:12:08 [INFO] [dashboard.myfaas.club] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/47273734
2020/04/03 17:12:08 [INFO] [dashboard.myfaas.club] acme: Could not find solver for: tls-alpn-01
2020/04/03 17:12:08 [INFO] [dashboard.myfaas.club] acme: use http-01 solver
2020/04/03 17:12:08 [INFO] [dashboard.myfaas.club] acme: Trying to solve HTTP-01
6. Links to relevant resources:
This is for a tutorial in draft, but I can’t complete it if I can’t get it working, so I need some assistance.