job_noam
(Noam)
August 16, 2021, 12:27am
1
This server runs Caddy 0.11.4 (I know )
One of my domain names doesn’t get an SSL.
All existing domains working well, also the new ones.
This is the error I keep getting on that domain:
Aug 16 00:02:39 ip-172-30-3-236 caddy[1026]: 2021/08/16 00:02:39 [INFO] [www.userDomain.com.au] acme: Obtaining bundled SAN certificate
Aug 16 00:02:39 ip-172-30-3-236 caddy[1026]: 2021/08/16 00:02:39 [INFO] nonce error retry: acme: error: 400 :: POST :: https://acme-v02.api.letsencrypt.org/acme/new-order :: urn:ietf:params:acme:error:badNonce :: JWS has an invalid anti-replay nonce: "0101G9PMTXw5oiriHBCoq28DpfOV1RUxOJcpFJH_K3E6Ok0", url:
Aug 16 00:02:40 ip-172-30-3-236 caddy[1026]: 2021/08/16 00:02:40 [INFO] [www.userDomain.com.au] acme: Obtaining bundled SAN certificate
Aug 16 00:03:28 ip-172-30-3-236 sshd[14799]: Accepted publickey for ubuntu from 212.235.8.000 port 53531 ssh2: RSA SHA256:0ZkeQjlpyNtAJY5fVlAH87j8y5d1Qdtc6coxWLdkFk8
That’s too old of a Caddy version, and it’s no longer supported. Please upgrade to Caddy v2.
job_noam
(Noam)
August 16, 2021, 12:44am
3
Yes I’m working on it
But I still need to fix bugs until I finish the transfer.
It’s very possible that just upgrading Caddy will fix the issue. Try that first.
job_noam
(Noam)
August 16, 2021, 12:59am
5
It’s a really big server, I can’t just “upgrade” it before we build a mirror environment.
So we’re doing it step-by-step but until we finish all the tests we still need to understand this error that start showing.
Well, the reality is, you’ve waited 2.5 years to upgrade. That’s too long. It’s no longer supported.
matt
(Matt Holt)
August 16, 2021, 3:39am
7
That’s a known bug in old Caddy caused by the lego library, which Caddy 2 no longer uses.
I haven’t seen any recent reports of that error in Caddy v2, so I suspect upgrading will fix it. I wish I could help any other way with your transition to v2, but for this specific question/error, that’s the best I can do because we fixed the bug over a year ago by replacing lego with acmez .
1 Like
job_noam
(Noam)
August 16, 2021, 6:54am
8
Thx for all the details. So we will make the upgrade this week
2 Likes
matt
(Matt Holt)
August 17, 2021, 4:08am
9
Keep us posted! I’m curious how it goes.
job_noam
(Noam)
August 18, 2021, 7:44am
10
We stopped getting this error on the new servers (Caddy 2.4.3). The domain that didn’t work on 0.11 starts working now.
2 Likes
system
(system)
Closed
September 15, 2021, 12:27am
11
This topic was automatically closed after 30 days. New replies are no longer allowed.