1. Caddy version (caddy version
): 2.4.1
2. How I run Caddy:
a. System environment:
$ docker-compose version
docker-compose version 1.24.0, build 0aa59064
docker-py version: 3.7.2
CPython version: 3.6.8
OpenSSL version: OpenSSL 1.1.0j 20 Nov 2018
$ docker version
Client:
Version: 18.09.5
API version: 1.39
Go version: go1.10.8
Git commit: e8ff056
Built: Thu Apr 11 04:43:57 2019
OS/Arch: linux/amd64
Experimental: false
Server: Docker Engine - Community
Engine:
Version: 18.09.5
API version: 1.39 (minimum version 1.12)
Go version: go1.10.8
Git commit: e8ff056
Built: Thu Apr 11 04:10:53 2019
OS/Arch: linux/amd64
Experimental: false
On Ubuntu 18.04
b. Command:
env DOMAIN=adv-shr-this-is-a-very-long-name-with-many-chars.westeurope.cloudapp.azure.com docker-compose -f docker-compose.yml -f docker-compose.azurevm-highperf-caddy.yml
Note: The domain name is NOT fake. It exists for real.
c. Service/unit/compose file:
docker-compose.yml
:
version: "2"
services:
elasticsearch:
build:
context: elasticsearch/
volumes:
- elasticsearch-data:/usr/share/elasticsearch/data
- ./elasticsearch/config/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml:ro
environment:
node.name: elasticsearch
cluster.initial_master_nodes: elasticsearch
ES_CLUSTER_NAME: search-cluster
ES_DATA_DIR: /usr/share/elasticsearch/data
networks:
- elk
kibana:
build:
context: kibana/
volumes:
- kibana-data:/usr/share/kibana/data
- ./kibana/config/:/usr/share/kibana/config:ro
environment:
KB_DATA_DIR: /usr/share/kibana/data
KB_ELASTICSEARCH_URL: http://elasticsearch:9200
KB_SERVER_NAME: kibana
networks:
- elk
depends_on:
- elasticsearch
volumes:
elasticsearch-data:
driver: local
kibana-data:
driver: local
networks:
elk:
driver: bridge
docker-compose.azurevm-highperf-caddy.yml
:
version: "2"
services:
elasticsearch:
restart: always
environment:
ES_JAVA_OPTS: "-Xmx4000m -Xms4000m"
kibana:
restart: always
environment:
KB_BASE_PATH: /kibana
caddy:
image: caddy:2.4.1
container_name: caddy
restart: always
volumes:
- caddy-config:/config
- caddy-data:/data
- ./caddy:/etc/caddy
ports:
- 80:80
- 443:443
networks:
- elk
depends_on:
- elasticsearch
volumes:
caddy-config:
driver: local
caddy-data:
driver: local
d. My complete Caddyfile or JSON config:
{
email alexander@skwar.me
debug
}
{$DOMAIN}:443
encode zstd gzip
log {
level DEBUG
output file /data/access.log {
roll_size 10MB
roll_keep 10
}
}
handle_path /elasticsearch* {
basicauth bcrypt Elasticsearch {
import elasticsearch.auth.*
}
reverse_proxy http://elasticsearch:9200
}
handle_path /kibana* {
basicauth bcrypt kibana {
import kibana.auth.*
}
reverse_proxy http://kibana:5601
}
3. The problem Iām having:
When I try to connect to the system with https and curl (or any browser, for that matter), I get an error:
* Rebuilt URL to: https://adv-shr-this-is-a-very-long-name-with-many-chars.westeurope.cloudapp.azure.com/
* Trying 20.101.68.227...
* TCP_NODELAY set
* Connected to adv-shr-this-is-a-very-long-name-with-many-chars.westeurope.cloudapp.azure.com (20.101.68.227) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS alert, Server hello (2):
* error:14094438:SSL routines:ssl3_read_bytes:tlsv1 alert internal error
* stopped the pause stream!
* Closing connection 0
curl: (35) error:14094438:SSL routines:ssl3_read_bytes:tlsv1 alert internal error
I see that thereās no cert in /data/caddy/certificates/acme.zerossl.com-v2-dv90
.
Is it because the domain name adv-shr-this-is-a-very-long-name-with-many-chars.westeurope.cloudapp.azure.com
is too long for ZeroSSL and/or Letās Encrypt?
4. Error messages and/or full log output:
{"level":"info","ts":1623251413.3436744,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":"caddyfile"}
{"level":"warn","ts":1623251413.348185,"msg":"input is not formatted with 'caddy fmt'","adapter":"caddyfile","file":"/etc/caddy/Caddyfile","line":2}
{"level":"warn","ts":1623251413.3529522,"logger":"admin","msg":"admin endpoint disabled"}
{"level":"info","ts":1623251413.3551383,"logger":"http","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv0","https_port":443}
{"level":"info","ts":1623251413.356343,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
{"level":"info","ts":1623251413.3653204,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0xc0002da000"}
{"level":"info","ts":1623251417.9922957,"logger":"tls","msg":"cleaning storage unit","description":"FileStorage:/data/caddy"}
{"level":"info","ts":1623251417.9952114,"logger":"tls","msg":"finished cleaning storage units"}
{"level":"debug","ts":1623251418.0029197,"logger":"http","msg":"starting server loop","address":"[::]:443","http3":false,"tls":true}
{"level":"debug","ts":1623251418.0043166,"logger":"http","msg":"starting server loop","address":"[::]:80","http3":false,"tls":false}
{"level":"info","ts":1623251418.004423,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["adv-shr-this-is-a-very-long-name-with-many-chars.westeurope.cloudapp.azure.com"]}
{"level":"info","ts":1623251418.0209818,"logger":"tls.obtain","msg":"acquiring lock","identifier":"adv-shr-this-is-a-very-long-name-with-many-chars.westeurope.cloudapp.azure.com"}
{"level":"info","ts":1623251418.0235019,"msg":"autosaved config (load with --resume flag)","file":"/config/caddy/autosave.json"}
{"level":"info","ts":1623251418.0235305,"msg":"serving initial configuration"}
{"level":"info","ts":1623251418.045598,"logger":"tls.obtain","msg":"lock acquired","identifier":"adv-shr-this-is-a-very-long-name-with-many-chars.westeurope.cloudapp.azure.com"}
{"level":"info","ts":1623251418.0796387,"logger":"tls.issuance.acme","msg":"waiting on internal rate limiter","identifiers":["adv-shr-this-is-a-very-long-name-with-many-chars.westeurope.cloudapp.azure.com"]}
{"level":"info","ts":1623251418.0797331,"logger":"tls.issuance.acme","msg":"done waiting on internal rate limiter","identifiers":["adv-shr-this-is-a-very-long-name-with-many-chars.westeurope.cloudapp.azure.com"]}
{"level":"debug","ts":1623251418.6768203,"logger":"tls.issuance.acme.acme_client","msg":"http request","method":"GET","url":"https://acme.zerossl.com/v2/DV90","headers":{"User-Agent":["Caddy/2.4.1 CertMagic acmez (linux; amd64)"]},"status_code":200,"response_headers":{"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=-1"],"Content-Length":["645"],"Content-Type":["application/json"],"Date":["Wed, 09 Jun 2021 15:10:18 GMT"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15552000"]}}
{"level":"debug","ts":1623251419.0241773,"logger":"tls.issuance.acme.acme_client","msg":"http request","method":"HEAD","url":"https://acme.zerossl.com/v2/DV90/newNonce","headers":{"User-Agent":["Caddy/2.4.1 CertMagic acmez (linux; amd64)"]},"status_code":200,"response_headers":{"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=-1"],"Content-Type":["application/octet-stream"],"Date":["Wed, 09 Jun 2021 15:10:19 GMT"],"Link":["<https://acme.zerossl.com/v2/DV90>;rel=\"index\""],"Replay-Nonce":["UNtYSeE2UiSqJ6MyMxFCEZ0q0L-2WM9rRoMJxvy4o3o"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15552000"]}}
{"level":"debug","ts":1623251419.4353087,"logger":"tls.issuance.acme.acme_client","msg":"http request","method":"POST","url":"https://acme.zerossl.com/v2/DV90/newOrder","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.4.1 CertMagic acmez (linux; amd64)"]},"status_code":201,"response_headers":{"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=0, no-cache, no-store","max-age=-1"],"Content-Length":["340"],"Content-Type":["application/json"],"Date":["Wed, 09 Jun 2021 15:10:19 GMT"],"Location":["https://acme.zerossl.com/v2/DV90/order/vLuglW6wgqbaAY5GMg056A"],"Replay-Nonce":["kyqWJQWXtJAdG3TAEnazrJLSQfPBrP9LUCoNt1bS8UU"],"Server":["nginx"],"Status":[""],"Strict-Transport-Security":["max-age=15552000"]}}
{"level":"debug","ts":1623251419.8020031,"logger":"tls.issuance.acme.acme_client","msg":"http request","method":"POST","url":"https://acme.zerossl.com/v2/DV90/authz/YPJsz7mUhtAO0EcpuOvrlg","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.4.1 CertMagic acmez (linux; amd64)"]},"status_code":200,"response_headers":{"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=-1"],"Content-Length":["508"],"Content-Type":["application/json"],"Date":["Wed, 09 Jun 2021 15:10:19 GMT"],"Link":["<https://acme.zerossl.com/v2/DV90>;rel=\"index\""],"Replay-Nonce":["ESLv60XpXGTHcUTpsXgShqcOUSZTlRMTA-RSnFe07xk"],"Retry-After":["5"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15552000"]}}
{"level":"debug","ts":1623251419.8037128,"logger":"tls.issuance.acme.acme_client","msg":"no solver configured","challenge_type":"dns-01"}
{"level":"info","ts":1623251419.8037598,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"adv-shr-this-is-a-very-long-name-with-many-chars.westeurope.cloudapp.azure.com","challenge_type":"http-01","ca":"https://acme.zerossl.com/v2/DV90"}
{"level":"debug","ts":1623251420.1927032,"logger":"tls.issuance.acme.acme_client","msg":"http request","method":"POST","url":"https://acme.zerossl.com/v2/DV90/chall/GcQ7ewfLTWeS6bDKkjTO_Q","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.4.1 CertMagic acmez (linux; amd64)"]},"status_code":200,"response_headers":{"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=-1"],"Content-Length":["164"],"Content-Type":["application/json"],"Date":["Wed, 09 Jun 2021 15:10:20 GMT"],"Link":["<https://acme.zerossl.com/v2/DV90>;rel=\"index\"","<https://acme.zerossl.com/v2/DV90/authz/YPJsz7mUhtAO0EcpuOvrlg>;rel=\"up\""],"Replay-Nonce":["f4fAsVfc1MV_4GIg6FVmvLcmmRBu3TBRKcIhHAXryys"],"Retry-After":["10"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15552000"]}}
{"level":"debug","ts":1623251420.1932778,"logger":"tls.issuance.acme.acme_client","msg":"challenge accepted","identifier":"adv-shr-this-is-a-very-long-name-with-many-chars.westeurope.cloudapp.azure.com","challenge_type":"http-01"}
{"level":"info","ts":1623251420.439978,"logger":"tls.issuance.acme","msg":"served key authentication","identifier":"adv-shr-this-is-a-very-long-name-with-many-chars.westeurope.cloudapp.azure.com","challenge":"http-01","remote":"91.199.212.132:51396","distributed":false}
{"level":"debug","ts":1623251420.8062305,"logger":"tls.issuance.acme.acme_client","msg":"http request","method":"POST","url":"https://acme.zerossl.com/v2/DV90/authz/YPJsz7mUhtAO0EcpuOvrlg","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.4.1 CertMagic acmez (linux; amd64)"]},"status_code":200,"response_headers":{"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=-1"],"Content-Length":["378"],"Content-Type":["application/json"],"Date":["Wed, 09 Jun 2021 15:10:20 GMT"],"Link":["<https://acme.zerossl.com/v2/DV90>;rel=\"index\""],"Replay-Nonce":["SFqHMxycRmY039PERJZ375A958BbaPPWeRiUAoRCVYQ"],"Retry-After":["5"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15552000"]}}
{"level":"info","ts":1623251420.8078237,"logger":"tls.issuance.acme.acme_client","msg":"validations succeeded; finalizing order","order":"https://acme.zerossl.com/v2/DV90/order/vLuglW6wgqbaAY5GMg056A"}
{"level":"debug","ts":1623251421.2598224,"logger":"tls.issuance.acme.acme_client","msg":"http request","method":"POST","url":"https://acme.zerossl.com/v2/DV90/order/vLuglW6wgqbaAY5GMg056A/finalize","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.4.1 CertMagic acmez (linux; amd64)"]},"status_code":200,"response_headers":{"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=-1"],"Content-Length":["343"],"Content-Type":["application/json"],"Date":["Wed, 09 Jun 2021 15:10:21 GMT"],"Location":["https://acme.zerossl.com/v2/DV90/order/vLuglW6wgqbaAY5GMg056A"],"Replay-Nonce":["xThiYUSIBqrRBI5B3A7_f3UlwmRcohsHiBWbIfQUZG8"],"Retry-After":["15"],"Server":["nginx"],"Status":[""],"Strict-Transport-Security":["max-age=15552000"]}}
{"level":"debug","ts":1623251436.7821586,"logger":"tls.issuance.acme.acme_client","msg":"http request","method":"POST","url":"https://acme.zerossl.com/v2/DV90/order/vLuglW6wgqbaAY5GMg056A","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.4.1 CertMagic acmez (linux; amd64)"]},"status_code":200,"response_headers":{"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=-1"],"Content-Length":["340"],"Content-Type":["application/json"],"Date":["Wed, 09 Jun 2021 15:10:36 GMT"],"Location":["https://acme.zerossl.com/v2/DV90/order/vLuglW6wgqbaAY5GMg056A"],"Replay-Nonce":["3GbgAGcSAPAJlU9oyq10JRPUEPq6eHtJiy44zxT9kU8"],"Server":["nginx"],"Status":[""],"Strict-Transport-Security":["max-age=15552000"]}}
{"level":"error","ts":1623251436.7836578,"logger":"tls.obtain","msg":"will retry","error":"[adv-shr-this-is-a-very-long-name-with-many-chars.westeurope.cloudapp.azure.com] Obtain: [adv-shr-this-is-a-very-long-name-with-many-chars.westeurope.cloudapp.azure.com] finalizing order https://acme.zerossl.com/v2/DV90/order/vLuglW6wgqbaAY5GMg056A: final order is invalid: <nil> (ca=https://acme.zerossl.com/v2/DV90)","attempt":1,"retrying_in":60,"elapsed":18.738007623,"max_duration":2592000}
{"level":"debug","ts":1623251497.2347658,"logger":"tls.issuance.acme.acme_client","msg":"http request","method":"HEAD","url":"https://acme.zerossl.com/v2/DV90/newNonce","headers":{"User-Agent":["Caddy/2.4.1 CertMagic acmez (linux; amd64)"]},"status_code":200,"response_headers":{"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=-1"],"Content-Type":["application/octet-stream"],"Date":["Wed, 09 Jun 2021 15:11:37 GMT"],"Link":["<https://acme.zerossl.com/v2/DV90>;rel=\"index\""],"Replay-Nonce":["GPO5vssmfrsZb8NsphHaT9sFalVbQyEuvQrWbiIdKQ8"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15552000"]}}
{"level":"debug","ts":1623251497.6922028,"logger":"tls.issuance.acme.acme_client","msg":"http request","method":"POST","url":"https://acme.zerossl.com/v2/DV90/newOrder","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.4.1 CertMagic acmez (linux; amd64)"]},"status_code":201,"response_headers":{"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=0, no-cache, no-store","max-age=-1"],"Content-Length":["340"],"Content-Type":["application/json"],"Date":["Wed, 09 Jun 2021 15:11:37 GMT"],"Location":["https://acme.zerossl.com/v2/DV90/order/oIru4wG4GACkgQ4_I3V8pw"],"Replay-Nonce":["p6Wp8uNX5zq9IX7XkVeYT0YcACoyJvwB9rTDF3xJLkE"],"Server":["nginx"],"Status":[""],"Strict-Transport-Security":["max-age=15552000"]}}
{"level":"debug","ts":1623251498.1034775,"logger":"tls.issuance.acme.acme_client","msg":"http request","method":"POST","url":"https://acme.zerossl.com/v2/DV90/authz/G6F1wLcxp43YxFjU0slxJw","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.4.1 CertMagic acmez (linux; amd64)"]},"status_code":200,"response_headers":{"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=-1"],"Content-Length":["508"],"Content-Type":["application/json"],"Date":["Wed, 09 Jun 2021 15:11:38 GMT"],"Link":["<https://acme.zerossl.com/v2/DV90>;rel=\"index\""],"Replay-Nonce":["y95Fq-oMO6hF8-HAgDKqpZcLfZrPuWmwl2rjEU0OUFU"],"Retry-After":["5"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15552000"]}}
{"level":"debug","ts":1623251498.103671,"logger":"tls.issuance.acme.acme_client","msg":"no solver configured","challenge_type":"dns-01"}
{"level":"info","ts":1623251498.103697,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"adv-shr-this-is-a-very-long-name-with-many-chars.westeurope.cloudapp.azure.com","challenge_type":"http-01","ca":"https://acme.zerossl.com/v2/DV90"}
{"level":"debug","ts":1623251498.5154495,"logger":"tls.issuance.acme.acme_client","msg":"http request","method":"POST","url":"https://acme.zerossl.com/v2/DV90/chall/0JuFrZ7i6hCBS-PYA8gAiQ","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.4.1 CertMagic acmez (linux; amd64)"]},"status_code":200,"response_headers":{"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=-1"],"Content-Length":["164"],"Content-Type":["application/json"],"Date":["Wed, 09 Jun 2021 15:11:38 GMT"],"Link":["<https://acme.zerossl.com/v2/DV90>;rel=\"index\"","<https://acme.zerossl.com/v2/DV90/authz/G6F1wLcxp43YxFjU0slxJw>;rel=\"up\""],"Replay-Nonce":["kvevl5mbu_7xobZ5wLq_s4Wd-E5HI7anlvwmnaT4lSw"],"Retry-After":["10"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15552000"]}}
{"level":"debug","ts":1623251498.515614,"logger":"tls.issuance.acme.acme_client","msg":"challenge accepted","identifier":"adv-shr-this-is-a-very-long-name-with-many-chars.westeurope.cloudapp.azure.com","challenge_type":"http-01"}
{"level":"info","ts":1623251498.6413262,"logger":"tls.issuance.acme","msg":"served key authentication","identifier":"adv-shr-this-is-a-very-long-name-with-many-chars.westeurope.cloudapp.azure.com","challenge":"http-01","remote":"91.199.212.132:46022","distributed":false}
{"level":"debug","ts":1623251499.1502078,"logger":"tls.issuance.acme.acme_client","msg":"http request","method":"POST","url":"https://acme.zerossl.com/v2/DV90/authz/G6F1wLcxp43YxFjU0slxJw","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.4.1 CertMagic acmez (linux; amd64)"]},"status_code":200,"response_headers":{"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=-1"],"Content-Length":["378"],"Content-Type":["application/json"],"Date":["Wed, 09 Jun 2021 15:11:39 GMT"],"Link":["<https://acme.zerossl.com/v2/DV90>;rel=\"index\""],"Replay-Nonce":["QT-YAt3LB8zt66JGl3NE7X2SMjjWVtHoqZHMECRfFNk"],"Retry-After":["5"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15552000"]}}
{"level":"info","ts":1623251499.1505473,"logger":"tls.issuance.acme.acme_client","msg":"validations succeeded; finalizing order","order":"https://acme.zerossl.com/v2/DV90/order/oIru4wG4GACkgQ4_I3V8pw"}
{"level":"debug","ts":1623251499.5651095,"logger":"tls.issuance.acme.acme_client","msg":"http request","method":"POST","url":"https://acme.zerossl.com/v2/DV90/order/oIru4wG4GACkgQ4_I3V8pw/finalize","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.4.1 CertMagic acmez (linux; amd64)"]},"status_code":200,"response_headers":{"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=-1"],"Content-Length":["343"],"Content-Type":["application/json"],"Date":["Wed, 09 Jun 2021 15:11:39 GMT"],"Location":["https://acme.zerossl.com/v2/DV90/order/oIru4wG4GACkgQ4_I3V8pw"],"Replay-Nonce":["kTZi_0M7xwDQNnJuPtuPQmSs-fLN-OZXpb-U2fAH-eo"],"Retry-After":["15"],"Server":["nginx"],"Status":[""],"Strict-Transport-Security":["max-age=15552000"]}}
{"level":"debug","ts":1623251514.974668,"logger":"tls.issuance.acme.acme_client","msg":"http request","method":"POST","url":"https://acme.zerossl.com/v2/DV90/order/oIru4wG4GACkgQ4_I3V8pw","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.4.1 CertMagic acmez (linux; amd64)"]},"status_code":200,"response_headers":{"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=-1"],"Content-Length":["340"],"Content-Type":["application/json"],"Date":["Wed, 09 Jun 2021 15:11:54 GMT"],"Location":["https://acme.zerossl.com/v2/DV90/order/oIru4wG4GACkgQ4_I3V8pw"],"Replay-Nonce":["AQl3duWUCvv5UiqL88WB3noBe1i_Irfn2NW467rT0Yo"],"Server":["nginx"],"Status":[""],"Strict-Transport-Security":["max-age=15552000"]}}
{"level":"error","ts":1623251514.9749296,"logger":"tls.obtain","msg":"will retry","error":"[adv-shr-this-is-a-very-long-name-with-many-chars.westeurope.cloudapp.azure.com] Obtain: [adv-shr-this-is-a-very-long-name-with-many-chars.westeurope.cloudapp.azure.com] finalizing order https://acme.zerossl.com/v2/DV90/order/oIru4wG4GACkgQ4_I3V8pw: final order is invalid: <nil> (ca=https://acme.zerossl.com/v2/DV90)","attempt":2,"retrying_in":120,"elapsed":96.929279498,"max_duration":2592000}
{"level":"debug","ts":1623251635.4839494,"logger":"tls.issuance.acme.acme_client","msg":"http request","method":"HEAD","url":"https://acme.zerossl.com/v2/DV90/newNonce","headers":{"User-Agent":["Caddy/2.4.1 CertMagic acmez (linux; amd64)"]},"status_code":200,"response_headers":{"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=-1"],"Content-Type":["application/octet-stream"],"Date":["Wed, 09 Jun 2021 15:13:55 GMT"],"Link":["<https://acme.zerossl.com/v2/DV90>;rel=\"index\""],"Replay-Nonce":["QfA9R7e-hu4p7rAzIgiNosQYb81UQyR_2GD26T3s7RE"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15552000"]}}
{"level":"debug","ts":1623251635.9609659,"logger":"tls.issuance.acme.acme_client","msg":"http request","method":"POST","url":"https://acme.zerossl.com/v2/DV90/newOrder","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.4.1 CertMagic acmez (linux; amd64)"]},"status_code":201,"response_headers":{"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=0, no-cache, no-store","max-age=-1"],"Content-Length":["340"],"Content-Type":["application/json"],"Date":["Wed, 09 Jun 2021 15:13:55 GMT"],"Location":["https://acme.zerossl.com/v2/DV90/order/C-vf9C90DqIZfxfRUTXwLw"],"Replay-Nonce":["kQg9cHXPMRSiM8FPi2bMtgz6pKNYNk3eRn9I2FHYy-A"],"Server":["nginx"],"Status":[""],"Strict-Transport-Security":["max-age=15552000"]}}
{"level":"debug","ts":1623251636.5822463,"logger":"tls.issuance.acme.acme_client","msg":"http request","method":"POST","url":"https://acme.zerossl.com/v2/DV90/authz/8mFa-ieQRTAE0IpP3M23lg","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.4.1 CertMagic acmez (linux; amd64)"]},"status_code":200,"response_headers":{"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=-1"],"Content-Length":["508"],"Content-Type":["application/json"],"Date":["Wed, 09 Jun 2021 15:13:56 GMT"],"Link":["<https://acme.zerossl.com/v2/DV90>;rel=\"index\""],"Replay-Nonce":["NOCpU2M56caLzkVJHti-QDucR2bsFjkQeXIAMoVOlCM"],"Retry-After":["5"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15552000"]}}
{"level":"debug","ts":1623251636.582459,"logger":"tls.issuance.acme.acme_client","msg":"no solver configured","challenge_type":"dns-01"}
{"level":"info","ts":1623251636.582493,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"adv-shr-this-is-a-very-long-name-with-many-chars.westeurope.cloudapp.azure.com","challenge_type":"http-01","ca":"https://acme.zerossl.com/v2/DV90"}
{"level":"debug","ts":1623251637.2832394,"logger":"tls.issuance.acme.acme_client","msg":"http request","method":"POST","url":"https://acme.zerossl.com/v2/DV90/chall/KX3uYKYah4316Cap7_csZQ","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.4.1 CertMagic acmez (linux; amd64)"]},"status_code":200,"response_headers":{"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=-1"],"Content-Length":["164"],"Content-Type":["application/json"],"Date":["Wed, 09 Jun 2021 15:13:57 GMT"],"Link":["<https://acme.zerossl.com/v2/DV90>;rel=\"index\"","<https://acme.zerossl.com/v2/DV90/authz/8mFa-ieQRTAE0IpP3M23lg>;rel=\"up\""],"Replay-Nonce":["tBgAnetCokdbp53m8Krz8pLF0UDo0ewEb5PeFhVKD5A"],"Retry-After":["10"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15552000"]}}
{"level":"debug","ts":1623251637.283376,"logger":"tls.issuance.acme.acme_client","msg":"challenge accepted","identifier":"adv-shr-this-is-a-very-long-name-with-many-chars.westeurope.cloudapp.azure.com","challenge_type":"http-01"}
{"level":"info","ts":1623251637.3965962,"logger":"tls.issuance.acme","msg":"served key authentication","identifier":"adv-shr-this-is-a-very-long-name-with-many-chars.westeurope.cloudapp.azure.com","challenge":"http-01","remote":"91.199.212.132:51794","distributed":false}
{"level":"debug","ts":1623251638.4777198,"logger":"tls.issuance.acme.acme_client","msg":"http request","method":"POST","url":"https://acme.zerossl.com/v2/DV90/authz/8mFa-ieQRTAE0IpP3M23lg","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.4.1 CertMagic acmez (linux; amd64)"]},"status_code":200,"response_headers":{"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=-1"],"Content-Length":["378"],"Content-Type":["application/json"],"Date":["Wed, 09 Jun 2021 15:13:58 GMT"],"Link":["<https://acme.zerossl.com/v2/DV90>;rel=\"index\""],"Replay-Nonce":["TlekZQMjC_xhRRpRGIBnbFbfen02W-VEn92oYs5CU6g"],"Retry-After":["5"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15552000"]}}
{"level":"info","ts":1623251638.4780781,"logger":"tls.issuance.acme.acme_client","msg":"validations succeeded; finalizing order","order":"https://acme.zerossl.com/v2/DV90/order/C-vf9C90DqIZfxfRUTXwLw"}
{"level":"debug","ts":1623251639.1042376,"logger":"tls.issuance.acme.acme_client","msg":"http request","method":"POST","url":"https://acme.zerossl.com/v2/DV90/order/C-vf9C90DqIZfxfRUTXwLw/finalize","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.4.1 CertMagic acmez (linux; amd64)"]},"status_code":200,"response_headers":{"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=-1"],"Content-Length":["343"],"Content-Type":["application/json"],"Date":["Wed, 09 Jun 2021 15:13:59 GMT"],"Location":["https://acme.zerossl.com/v2/DV90/order/C-vf9C90DqIZfxfRUTXwLw"],"Replay-Nonce":["kQf3YfcYdir-R9bQBotemIi-mTy-hgN_W35-NfxLHXA"],"Retry-After":["15"],"Server":["nginx"],"Status":[""],"Strict-Transport-Security":["max-age=15552000"]}}
{"level":"debug","ts":1623251654.50661,"logger":"tls.issuance.acme.acme_client","msg":"http request","method":"POST","url":"https://acme.zerossl.com/v2/DV90/order/C-vf9C90DqIZfxfRUTXwLw","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.4.1 CertMagic acmez (linux; amd64)"]},"status_code":200,"response_headers":{"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=-1"],"Content-Length":["340"],"Content-Type":["application/json"],"Date":["Wed, 09 Jun 2021 15:14:14 GMT"],"Location":["https://acme.zerossl.com/v2/DV90/order/C-vf9C90DqIZfxfRUTXwLw"],"Replay-Nonce":["6Q2v1N783g8S-IdF4IieJCOlRKA-M7TJrxUEDUg-_j0"],"Server":["nginx"],"Status":[""],"Strict-Transport-Security":["max-age=15552000"]}}
{"level":"error","ts":1623251654.5068607,"logger":"tls.obtain","msg":"will retry","error":"[adv-shr-this-is-a-very-long-name-with-many-chars.westeurope.cloudapp.azure.com] Obtain: [adv-shr-this-is-a-very-long-name-with-many-chars.westeurope.cloudapp.azure.com] finalizing order https://acme.zerossl.com/v2/DV90/order/C-vf9C90DqIZfxfRUTXwLw: final order is invalid: <nil> (ca=https://acme.zerossl.com/v2/DV90)","attempt":3,"retrying_in":120,"elapsed":236.461209967,"max_duration":2592000}
{"level":"debug","ts":1623251774.9379306,"logger":"tls.issuance.acme.acme_client","msg":"http request","method":"HEAD","url":"https://acme.zerossl.com/v2/DV90/newNonce","headers":{"User-Agent":["Caddy/2.4.1 CertMagic acmez (linux; amd64)"]},"status_code":200,"response_headers":{"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=-1"],"Content-Type":["application/octet-stream"],"Date":["Wed, 09 Jun 2021 15:16:14 GMT"],"Link":["<https://acme.zerossl.com/v2/DV90>;rel=\"index\""],"Replay-Nonce":["Gcs_lFpdjyz3yO-VMmSDRyDAADlrfJ-g8jrLlj_pZFE"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15552000"]}}
{"level":"debug","ts":1623251775.3569002,"logger":"tls.issuance.acme.acme_client","msg":"http request","method":"POST","url":"https://acme.zerossl.com/v2/DV90/newOrder","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.4.1 CertMagic acmez (linux; amd64)"]},"status_code":201,"response_headers":{"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=0, no-cache, no-store","max-age=-1"],"Content-Length":["340"],"Content-Type":["application/json"],"Date":["Wed, 09 Jun 2021 15:16:15 GMT"],"Location":["https://acme.zerossl.com/v2/DV90/order/QAUpeO__DiyuYFffVu7OlA"],"Replay-Nonce":["7-m_LsDTaTNTjHPCuRD-ck68ZCoq0WPTRqv-BAQ0cIk"],"Server":["nginx"],"Status":[""],"Strict-Transport-Security":["max-age=15552000"]}}