No certificate available for Domain

1. Caddy version (caddy version):

V2.0.0

2. How I run Caddy:

Caddyfile

a. System environment:

Ubuntu 18.04.4.

b. Command:

caddy run

c. Service/unit/compose file:

paste full file contents here

d. My complete Caddyfile or JSON config:

#The Caddyfile is an easy way to configure your Caddy web server.
#
# Unless the file starts with a global options block, the first
# uncommented line is always the address of your site.
#
# To use your own domain name (with automatic HTTPS), first make
# sure your domain's A/AAAA DNS records are properly pointed to
# this machine's public IP, then replace the line below with your
# domain name
www.financialnow.org,
www.itexplanation.com,
www.secured-health.com{
  reverse_proxy localhost:8080
}

# Set this path to your site's directory.
#root * /usr/share/caddy

# Enable the static file server.
#file_server

# Another common task is to set up a reverse proxy:

# Or serve a PHP site through php-fpm:
# php_fastcgi localhost:9000

# Refer to the Caddy docs for more information:
# https://caddyserver.com/docs/cad

3. The problem I’m having:

Caddy is not able to retrieve a certificate for my domains. I have searched through a lot of posts this week and can not find anything to help me.

4. Error messages and/or full log output:

2020/07/30 01:47:10.307	INFO	admin	admin endpoint started	{"address": "tcp/localhost:2019", "enforce_origin": false, "origins": ["localhost:2019", "[::1]:2019", "127.0.0.1:2019"]}
2020/07/30 01:47:10.307	INFO	http	server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS	{"server_name": "srv0", "https_port": 443}
2020/07/30 01:47:10.307	INFO	http	enabling automatic HTTP->HTTPS redirects	{"server_name": "srv0"}
2020/07/30 01:47:10.309	INFO	tls	cleaned up storage units
2020/07/30 01:47:10.309	INFO	http	enabling automatic TLS certificate management	{"domains": ["www.itexplanation.com", "www.financialnow.org"]}
2020/07/30 01:47:10 [INFO][cache:0xc00001fc20] Started certificate maintenance routine
2020/07/30 01:47:10.320	INFO	autosaved config	{"file": "/root/.config/caddy/autosave.json"}
2020/07/30 01:47:10.320	INFO	serving initial configuration
2020/07/30 01:50:58 http: TLS handshake error from 192.0.102.40:51731: no certificate available for 'itexplanation.com'
2020/07/30 01:57:36 http: TLS handshake error from 209.17.97.2:65341: tls: client offered only unsupported versions: [302 301]
2020/07/30 01:58:36 http: TLS handshake error from 44.224.22.196:4597: tls: first record does not look like a TLS handshake
2020/07/30 01:58:36 http: TLS handshake error from 44.224.22.196:10187: tls: first record does not look like a TLS handshake
2020/07/30 01:58:36 http: TLS handshake error from 44.224.22.196:41436: tls: first record does not look like a TLS handshake
2020/07/30 01:58:36 http: TLS handshake error from 44.224.22.196:20786: tls: first record does not look like a TLS handshake
2020/07/30 01:58:36 http: TLS handshake error from 44.224.22.196:14662: tls: first record does not look like a TLS handshake
2020/07/30 01:58:37 http: TLS handshake error from 44.224.22.196:23802: tls: first record does not look like a TLS handshake
2020/07/30 01:58:37 http: TLS handshake error from 44.224.22.196:42513: tls: first record does not look like a TLS handshake
2020/07/30 01:58:37 http: TLS handshake error from 44.224.22.196:7178: tls: first record does not look like a TLS handshake
2020/07/30 01:58:37 http: TLS handshake error from 44.224.22.196:33958: tls: first record does not look like a TLS handshake
2020/07/30 01:58:37 http: TLS handshake error from 44.224.22.196:63000: tls: first record does not look like a TLS handshake
2020/07/30 01:58:37 http: TLS handshake error from 44.224.22.196:40447: no certificate available for '10.10.0.194'
2020/07/30 01:58:38 http: TLS handshake error from 44.224.22.196:47770: no certificate available for '10.10.0.194'
2020/07/30 01:58:38 http: TLS handshake error from 44.224.22.196:54219: no certificate available for '10.10.0.194'
2020/07/30 01:58:38 http: TLS handshake error from 44.224.22.196:57909: no certificate available for '10.10.0.194'
2020/07/30 01:58:38 http: TLS handshake error from 44.224.22.196:26311: no certificate available for '10.10.0.194'
2020/07/30 01:58:48 http: TLS handshake error from 192.0.102.40:26166: no certificate available for 'itexplanation.com'
2020/07/30 02:06:48 http: TLS handshake error from 192.0.102.40:24473: no certificate available for 'itexplanation.com'
2020/07/30 02:15:36 http: TLS handshake error from 192.0.102.40:62671: no certificate available for 'itexplanation.com'
2020/07/30 02:22:14 http: TLS handshake error from 192.0.102.40:45443: no certificate available for 'itexplanation.com'
2020/07/30 02:30:09 http: TLS handshake error from 192.0.102.40:29358: no certificate available for 'itexplanation.com'
2020/07/30 02:36:03 http: TLS handshake error from 192.35.168.96:35616: no certificate available for '10.10.0.194'
2020/07/30 02:38:06 http: TLS handshake error from 192.0.102.40:30341: no certificate available for 'itexplanation.com'
2020/07/30 02:40:24 http: TLS handshake error from 45.76.236.226:65035: no certificate available for 'financialnow.org'
2020/07/30 02:40:24 http: TLS handshake error from 45.76.236.226:65034: no certificate available for 'financialnow.org'
2020/07/30 02:40:24 http: TLS handshake error from 45.76.236.226:65036: no certificate available for 'financialnow.org'
2020/07/30 02:40:24 http: TLS handshake error from 45.76.236.226:65037: no certificate available for 'financialnow.org'
2020/07/30 02:40:27 http: TLS handshake error from 45.76.236.226:65041: no certificate available for 'financialnow.org'
2020/07/30 02:40:27 http: TLS handshake error from 45.76.236.226:65042: no certificate available for 'financialnow.org'
2020/07/30 02:40:27 http: TLS handshake error from 45.76.236.226:65043: no certificate available for 'financialnow.org'
2020/07/30 02:40:27 http: TLS handshake error from 45.76.236.226:65044: no certificate available for 'financialnow.org'
2020/07/30 02:40:27 http: TLS handshake error from 45.76.236.226:65045: no certificate available for 'financialnow.org'
2020/07/30 02:40:28 http: TLS handshake error from 45.76.236.226:65046: no certificate available for 'financialnow.org'
2020/07/30 02:45:45 http: TLS handshake error from 192.0.102.40:57857: no certificate available for 'itexplanation.com'
2020/07/30 02:50:06 http: TLS handshake error from 88.80.189.24:40390: no certificate available for '10.10.0.194'
2020/07/30 02:51:47 http: TLS handshake error from 40.77.167.103:10062: no certificate available for 'itexplanation.com'
2020/07/30 02:51:47 http: TLS handshake error from 40.77.167.103:10067: tls: client offered only unsupported versions: [302 301]
2020/07/30 02:51:47 http: TLS handshake error from 40.77.167.103:10125: tls: client offered only unsupported versions: [301]
2020/07/30 02:51:47 http: TLS handshake error from 40.77.167.103:10209: EOF
2020/07/30 02:54:36 http: TLS handshake error from 192.0.102.40:57072: no certificate available for 'itexplanation.com'
2020/07/30 03:01:27 http: TLS handshake error from 192.0.102.40:27419: no certificate available for 'itexplanation.com'
2020/07/30 03:04:25 http: TLS handshake error from 18.224.64.175:49450: no certificate available for 'financialnow.org'
2020/07/30 03:05:12 http: TLS handshake error from 183.182.48.171:48349: no certificate available for '10.10.0.194'
2020/07/30 03:09:17 http: TLS handshake error from 192.0.102.40:16695: no certificate available for 'itexplanation.com'
2020/07/30 03:17:00 http: TLS handshake error from 192.0.102.40:47277: no certificate available for 'itexplanation.com'
2020/07/30 03:20:33 http: TLS handshake error from 3.226.72.180:39410: no certificate available for '10.10.0.194'
2020/07/30 03:25:17 http: TLS handshake error from 192.0.102.40:60706: no certificate available for 'itexplanation.com'

5. What I already tried:

The A records for each domain are pointing to Caddy. I can watch Caddy search for a certificate each time I try to reach the domain using a browser.

6. Links to relevant resources:

Simple enough, fortunately. :slight_smile: You told Caddy to serve www.financialnow.org, not financialnow.org. You can either change that in your config file or serve both. Should solve the problem!

(Same with the other domains)

1 Like

Also, you have a syntax error in your config. You must have a space between your domain and the {. If you look at your logs, you’ll notice that domain isn’t listed.

2 Likes

Thank you Matt, that worked. I made the change, reloaded the Caddyfile and it worked immediately. I had changed the Caddyfile about 30 different ways, and I thought I had tried the domain without the WWW, but I don’t care. It works now. Thank you!! I posted my end results below for the next guy looking for the same answer.

financialnow.org,
itexplanation.com,
secured-health.com {
  reverse_proxy localhost:8080
}
4 Likes

Thank you, francislavoie. I placed a space in front of {as you suggested. Thank you!!

3 Likes