Ignore/Delete This Thread

Solved, will post a new thread/tutorial.

tls: failed to find any PEM data in certificate input comes from golang’s built in crypto/tls.

There are some checks there to make sure the data is formatted correctly.

I understand it needs to take the format:

-----BEGIN CERTIFICATE-----
[snip]
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
[snip]
-----END CERTIFICATE-----

etc. for the certificate chain, and for the key:

-----BEGIN RSA PRIVATE KEY-----
[snip]
-----END RSA PRIVATE KEY-----

Some similar issues have floated around, such as this one for traefik (which has similar certificate management capabilities to Caddy), where the user had a malformed file (missing a single dash in the END PRIVATE RSA KEY line!):

That was the issue! My cat command didn’t break the END/BEGIN lines. Thank you for the suggestion. Now I have a different problem …

caddy[445]: 2017/10/31 09:21:01 [INFO] Successfully loaded TLS assets from /etc/ssl/caddy/[domain].pem and /etc/ssl/caddy/[domain].key.pem
caddy[445]: 2017/10/31 09:21:01 [NOTICE] There is already a certificate loaded for [domain].com, so certificate for [[domain].com www.[domain].com] will not service that name
caddy[445]: 2017/10/31 09:21:01 [NOTICE] There is already a certificate loaded for www.[domain].com, so certificate for [www.[domain].com] will not service that name

I edited my systemd file to remove -agree=“true” and restarted, but to no effect. Caddy continues to download a cert into /etc/ssl/caddy/ocsp/

The OCSP staple is not a certificate. :wink:

The notices are there because it looks like there are multiple certificates being loaded…

Solved, will post a new thread/tutorial.

Could you post your full Caddyfile? Might help us explain exactly what Caddy is doing.

Solved, will post a new thread/tutorial.

Automatic HTTPS should definitely be off, so Caddy won’t be doing ACME unless there are other sites in the Caddyfile. Do you have any left-over ACME certificates maybe from before you provided your own?

Which cert is provided by Caddy when you browse to your site?

Hmm, the [NOTICE] messages earlier aren’t indicative of a blocking error, as far as I know… If Caddy is exiting, the answer is very likely to be in the process log.

Do you get the same result running the ExecStart command manually from shell?

Have you tried stopping Caddy entirely and restarting it? Does the NOTICE still appear then?

Well, there really is nothing useful there… Caddy just exits.

See if you can either implicate or rule out systemd by running the ExecStart from shell. You’ll be getting stdout directly from Caddy, so if it just dies, and there’s still nothing… It’s probably time to put this on the Github issue tracker.

So how did you solve the problem? (It could be useful for others encountering a similar issue.)

This is a really weird thing to do to delete your posts from a forum!

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.