Reverse proxy returns “NOT Found”

1. The problem I’m having:

$ curl -vL https://docker.io
* Host docker.io:443 was resolved.
* IPv6: (none)
* IPv4: 127.0.1.1
*   Trying 127.0.1.1:443...
* GnuTLS ciphers: NORMAL:-ARCFOUR-128:-CTYPE-ALL:+CTYPE-X509:-VERS-SSL3.0
* ALPN: curl offers h2,http/1.1
* found 140 certificates in /etc/ssl/certs/ca-certificates.crt
* found 423 certificates in /etc/ssl/certs
* GnuTLS, handshake failed: Internal error
* closing connection #0
curl: (35) GnuTLS, handshake failed: Internal error

$ sudo docker pull docker.io/mysql:8.0.40-debian
[sudo] password for anlexn: 
Error response from daemon: Get "https://registry-1.docker.io/v2/": remote error: tls: internal error

2. Error messages and/or full log output:

Mar 04 06:41:35 DOOR systemd[1]: Starting caddy.service - Caddy...
Mar 04 06:41:35 DOOR caddy[670248]: caddy.HomeDir=/var/lib/caddy
Mar 04 06:41:35 DOOR caddy[670248]: caddy.AppDataDir=/var/lib/caddy/.local/share/caddy
Mar 04 06:41:35 DOOR caddy[670248]: caddy.AppConfigDir=/var/lib/caddy/.config/caddy
Mar 04 06:41:35 DOOR caddy[670248]: caddy.ConfigAutosavePath=/var/lib/caddy/.config/caddy/autosave.json
Mar 04 06:41:35 DOOR caddy[670248]: caddy.Version=2.6.2
Mar 04 06:41:35 DOOR caddy[670248]: runtime.GOOS=linux
Mar 04 06:41:35 DOOR caddy[670248]: runtime.GOARCH=amd64
Mar 04 06:41:35 DOOR caddy[670248]: runtime.Compiler=gc
Mar 04 06:41:35 DOOR caddy[670248]: runtime.NumCPU=8
Mar 04 06:41:35 DOOR caddy[670248]: runtime.GOMAXPROCS=8
Mar 04 06:41:35 DOOR caddy[670248]: runtime.Version=go1.24.0
Mar 04 06:41:35 DOOR caddy[670248]: os.Getwd=/
Mar 04 06:41:35 DOOR caddy[670248]: LANG=en_US.UTF-8
Mar 04 06:41:35 DOOR caddy[670248]: PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin
Mar 04 06:41:35 DOOR caddy[670248]: NOTIFY_SOCKET=/run/systemd/notify
Mar 04 06:41:35 DOOR caddy[670248]: USER=caddy
Mar 04 06:41:35 DOOR caddy[670248]: LOGNAME=caddy
Mar 04 06:41:35 DOOR caddy[670248]: HOME=/var/lib/caddy
Mar 04 06:41:35 DOOR caddy[670248]: INVOCATION_ID=93706b0e89a24957893e2c53b3257b5c
Mar 04 06:41:35 DOOR caddy[670248]: JOURNAL_STREAM=7:5743684
Mar 04 06:41:35 DOOR caddy[670248]: SYSTEMD_EXEC_PID=670248
Mar 04 06:41:35 DOOR caddy[670248]: {"level":"info","ts":1741059695.0609896,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":""}
Mar 04 06:41:35 DOOR caddy[670248]: {"level":"info","ts":1741059695.0646956,"logger":"admin","msg":"admin endpoint started","address":"localhost:2019","enforce_origin":false,"origins":["//localhost:2019","//[::1]:2019","//127.0.0.1:2019"]}
Mar 04 06:41:35 DOOR caddy[670248]: {"level":"warn","ts":1741059695.064853,"logger":"http","msg":"server is listening only on the HTTP port, so no automatic HTTPS will be applied to this server","server_name":"srv0","http_port":80}
Mar 04 06:41:35 DOOR caddy[670248]: {"level":"info","ts":1741059695.0650632,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0xc000348a80"}
Mar 04 06:41:35 DOOR caddy[670248]: {"level":"info","ts":1741059695.0651152,"logger":"tls","msg":"cleaning storage unit","description":"FileStorage:/var/lib/caddy/.local/share/caddy"}
Mar 04 06:41:35 DOOR caddy[670248]: {"level":"info","ts":1741059695.0652046,"logger":"http.log","msg":"server running","name":"srv0","protocols":["h1","h2","h3"]}
Mar 04 06:41:35 DOOR caddy[670248]: {"level":"info","ts":1741059695.0657494,"logger":"tls","msg":"finished cleaning storage units"}
Mar 04 06:41:35 DOOR caddy[670248]: {"level":"info","ts":1741059695.066869,"msg":"autosaved config (load with --resume flag)","file":"/var/lib/caddy/.config/caddy/autosave.json"}
Mar 04 06:41:35 DOOR caddy[670248]: {"level":"info","ts":1741059695.0670063,"msg":"serving initial configuration"}
Mar 04 06:41:35 DOOR systemd[1]: Started caddy.service - Caddy.
Mar 04 06:43:16 DOOR systemd[1]: Reloading caddy.service - Caddy...
Mar 04 06:43:16 DOOR caddy[671172]: {"level":"info","ts":1741059796.7441556,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":""}
Mar 04 06:43:16 DOOR caddy[671172]: Error: adapting config using caddyfile: parsing caddyfile tokens for 'reverse_proxy': /etc/caddy/Caddyfile:26 - Error during parsing: for now, URLs for proxy upstreams only support scheme, host, and port components
Mar 04 06:43:16 DOOR systemd[1]: caddy.service: Control process exited, code=exited, status=1/FAILURE
Mar 04 06:43:16 DOOR systemd[1]: Reload failed for caddy.service - Caddy.
Mar 04 08:38:03 DOOR systemd[1]: Reloading caddy.service - Caddy...
Mar 04 08:38:03 DOOR caddy[675610]: {"level":"info","ts":1741066683.5296867,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":""}
Mar 04 08:38:03 DOOR caddy[675610]: {"level":"warn","ts":1741066683.5502946,"msg":"Caddyfile input is not formatted; run the 'caddy fmt' command to fix inconsistencies","adapter":"caddyfile","file":"/etc/caddy/Caddyfile","line":30}
Mar 04 08:38:03 DOOR caddy[670248]: {"level":"info","ts":1741066683.6158905,"logger":"admin.api","msg":"received request","method":"POST","host":"localhost:2019","uri":"/load","remote_ip":"127.0.0.1","remote_port":"49146","headers":{"Accept-Encoding":["gzip"],"Cache-Control":["must-revalidate"],"Content-Length":["628"],"Content-Type":["application/json"],"Origin":["http://localhost:2019"],"User-Agent":["Go-http-client/1.1"]}}
Mar 04 08:38:03 DOOR caddy[670248]: {"level":"info","ts":1741066683.625234,"logger":"admin","msg":"admin endpoint started","address":"localhost:2019","enforce_origin":false,"origins":["//localhost:2019","//[::1]:2019","//127.0.0.1:2019"]}
Mar 04 08:38:03 DOOR caddy[670248]: {"level":"info","ts":1741066683.6273868,"logger":"http","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv0","https_port":443}
Mar 04 08:38:03 DOOR caddy[670248]: {"level":"info","ts":1741066683.6276948,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0xc00046f340"}
Mar 04 08:38:03 DOOR caddy[670248]: {"level":"info","ts":1741066683.6280766,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
Mar 04 08:38:03 DOOR caddy[670248]: {"level":"warn","ts":1741066683.6281292,"logger":"http","msg":"server is listening only on the HTTP port, so no automatic HTTPS will be applied to this server","server_name":"srv1","http_port":80}
Mar 04 08:38:03 DOOR caddy[670248]: {"level":"info","ts":1741066683.6376367,"logger":"http","msg":"enabling HTTP/3 listener","addr":":443"}
Mar 04 08:38:03 DOOR caddy[670248]: {"level":"info","ts":1741066683.6386428,"msg":"failed to sufficiently increase receive buffer size (was: 208 kiB, wanted: 7168 kiB, got: 416 kiB). See https://github.com/quic-go/quic-go/wiki/UDP-Buffer-Sizes for details."}
Mar 04 08:38:03 DOOR caddy[670248]: {"level":"info","ts":1741066683.6444325,"logger":"http.log","msg":"server running","name":"srv0","protocols":["h1","h2","h3"]}
Mar 04 08:38:03 DOOR caddy[670248]: {"level":"info","ts":1741066683.6450732,"logger":"http.log","msg":"server running","name":"srv1","protocols":["h1","h2","h3"]}
Mar 04 08:38:03 DOOR caddy[670248]: {"level":"info","ts":1741066683.6451545,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["docker.io"]}
Mar 04 08:38:03 DOOR caddy[670248]: {"level":"info","ts":1741066683.6467404,"logger":"tls.cache.maintenance","msg":"stopped background certificate maintenance","cache":"0xc000348a80"}
Mar 04 08:38:03 DOOR caddy[670248]: {"level":"info","ts":1741066683.6479673,"msg":"autosaved config (load with --resume flag)","file":"/var/lib/caddy/.config/caddy/autosave.json"}
Mar 04 08:38:03 DOOR caddy[670248]: {"level":"info","ts":1741066683.6484952,"logger":"admin.api","msg":"load complete"}
Mar 04 08:38:03 DOOR systemd[1]: Reloaded caddy.service - Caddy.
Mar 04 08:38:03 DOOR caddy[670248]: {"level":"info","ts":1741066683.657938,"logger":"tls.obtain","msg":"acquiring lock","identifier":"docker.io"}
Mar 04 08:38:03 DOOR caddy[670248]: {"level":"info","ts":1741066683.6627483,"logger":"admin","msg":"stopped previous server","address":"localhost:2019"}
Mar 04 08:38:03 DOOR caddy[670248]: {"level":"info","ts":1741066683.6735723,"logger":"tls.obtain","msg":"lock acquired","identifier":"docker.io"}
Mar 04 08:38:03 DOOR caddy[670248]: {"level":"info","ts":1741066683.6740851,"logger":"tls.obtain","msg":"obtaining certificate","identifier":"docker.io"}
Mar 04 08:38:08 DOOR caddy[670248]: {"level":"error","ts":1741066688.1100895,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"docker.io","issuer":"acme-v02.api.letsencrypt.org-directory","error":"registering account [] with server: provisioning client: performing request: Get \"https://acme-v02.api.letsencrypt.org/directory\": remote error: tls: handshake failure"}
Mar 04 08:38:08 DOOR caddy[670248]: {"level":"warn","ts":1741066688.1108356,"logger":"http","msg":"missing email address for ZeroSSL; it is strongly recommended to set one for next time"}
Mar 04 08:38:09 DOOR caddy[670248]: {"level":"error","ts":1741066689.9698703,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"docker.io","issuer":"acme.zerossl.com-v2-DV90","error":"account pre-registration callback: failed getting EAB credentials: HTTP 422: caddy_legacy_user_removed (code 2977)"}
Mar 04 08:38:09 DOOR caddy[670248]: {"level":"error","ts":1741066689.970098,"logger":"tls.obtain","msg":"will retry","error":"[docker.io] Obtain: account pre-registration callback: failed getting EAB credentials: HTTP 422: caddy_legacy_user_removed (code 2977)","attempt":1,"retrying_in":60,"elapsed":6.296429108,"max_duration":2592000}
Mar 04 08:39:09 DOOR caddy[670248]: {"level":"info","ts":1741066749.972458,"logger":"tls.obtain","msg":"obtaining certificate","identifier":"docker.io"}
Mar 04 08:39:14 DOOR caddy[670248]: {"level":"error","ts":1741066754.0276883,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"docker.io","issuer":"acme-v02.api.letsencrypt.org-directory","error":"registering account [] with server: provisioning client: performing request: Get \"https://acme-staging-v02.api.letsencrypt.org/directory\": remote error: tls: handshake failure"}
Mar 04 08:39:14 DOOR caddy[670248]: {"level":"warn","ts":1741066754.0302696,"logger":"http","msg":"missing email address for ZeroSSL; it is strongly recommended to set one for next time"}
Mar 04 08:39:16 DOOR caddy[670248]: {"level":"error","ts":1741066756.7661743,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"docker.io","issuer":"acme.zerossl.com-v2-DV90","error":"account pre-registration callback: failed getting EAB credentials: HTTP 422: caddy_legacy_user_removed (code 2977)"}
Mar 04 08:39:16 DOOR caddy[670248]: {"level":"error","ts":1741066756.7666378,"logger":"tls.obtain","msg":"will retry","error":"[docker.io] Obtain: account pre-registration callback: failed getting EAB credentials: HTTP 422: caddy_legacy_user_removed (code 2977)","attempt":2,"retrying_in":120,"elapsed":73.092966623,"max_duration":2592000}
Mar 04 08:41:16 DOOR caddy[670248]: {"level":"info","ts":1741066876.7678077,"logger":"tls.obtain","msg":"obtaining certificate","identifier":"docker.io"}
Mar 04 08:41:21 DOOR caddy[670248]: {"level":"error","ts":1741066881.0221171,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"docker.io","issuer":"acme-v02.api.letsencrypt.org-directory","error":"registering account [] with server: provisioning client: performing request: Get \"https://acme-staging-v02.api.letsencrypt.org/directory\": remote error: tls: handshake failure"}
Mar 04 08:41:21 DOOR caddy[670248]: {"level":"warn","ts":1741066881.0226362,"logger":"http","msg":"missing email address for ZeroSSL; it is strongly recommended to set one for next time"}
Mar 04 08:41:24 DOOR caddy[670248]: {"level":"error","ts":1741066884.3750443,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"docker.io","issuer":"acme.zerossl.com-v2-DV90","error":"account pre-registration callback: failed getting EAB credentials: HTTP 422: caddy_legacy_user_removed (code 2977)"}
Mar 04 08:41:24 DOOR caddy[670248]: {"level":"error","ts":1741066884.3751955,"logger":"tls.obtain","msg":"will retry","error":"[docker.io] Obtain: account pre-registration callback: failed getting EAB credentials: HTTP 422: caddy_legacy_user_removed (code 2977)","attempt":3,"retrying_in":120,"elapsed":200.701525737,"max_duration":2592000}
Mar 04 08:43:24 DOOR caddy[670248]: {"level":"info","ts":1741067004.3765724,"logger":"tls.obtain","msg":"obtaining certificate","identifier":"docker.io"}
Mar 04 08:43:28 DOOR caddy[670248]: {"level":"error","ts":1741067008.545699,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"docker.io","issuer":"acme-v02.api.letsencrypt.org-directory","error":"registering account [] with server: provisioning client: performing request: Get \"https://acme-staging-v02.api.letsencrypt.org/directory\": remote error: tls: handshake failure"}
Mar 04 08:43:28 DOOR caddy[670248]: {"level":"warn","ts":1741067008.546439,"logger":"http","msg":"missing email address for ZeroSSL; it is strongly recommended to set one for next time"}
Mar 04 08:43:32 DOOR caddy[670248]: {"level":"error","ts":1741067012.1285145,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"docker.io","issuer":"acme.zerossl.com-v2-DV90","error":"account pre-registration callback: failed getting EAB credentials: HTTP 422: caddy_legacy_user_removed (code 2977)"}
Mar 04 08:43:32 DOOR caddy[670248]: {"level":"error","ts":1741067012.1289644,"logger":"tls.obtain","msg":"will retry","error":"[docker.io] Obtain: account pre-registration callback: failed getting EAB credentials: HTTP 422: caddy_legacy_user_removed (code 2977)","attempt":4,"retrying_in":300,"elapsed":328.455241786,"max_duration":2592000}
Mar 04 08:45:05 DOOR systemd[1]: Reloading caddy.service - Caddy...
Mar 04 08:45:06 DOOR caddy[679636]: {"level":"info","ts":1741067106.0361521,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":""}
Mar 04 08:45:06 DOOR caddy[679636]: {"level":"warn","ts":1741067106.040143,"msg":"Caddyfile input is not formatted; run the 'caddy fmt' command to fix inconsistencies","adapter":"caddyfile","file":"/etc/caddy/Caddyfile","line":30}
Mar 04 08:45:06 DOOR caddy[670248]: {"level":"info","ts":1741067106.0448012,"logger":"admin.api","msg":"received request","method":"POST","host":"localhost:2019","uri":"/load","remote_ip":"127.0.0.1","remote_port":"33648","headers":{"Accept-Encoding":["gzip"],"Cache-Control":["must-revalidate"],"Content-Length":["628"],"Content-Type":["application/json"],"Origin":["http://localhost:2019"],"User-Agent":["Go-http-client/1.1"]}}
Mar 04 08:45:06 DOOR caddy[670248]: {"level":"info","ts":1741067106.046753,"logger":"admin","msg":"admin endpoint started","address":"localhost:2019","enforce_origin":false,"origins":["//localhost:2019","//[::1]:2019","//127.0.0.1:2019"]}
Mar 04 08:45:06 DOOR caddy[670248]: {"level":"warn","ts":1741067106.047355,"logger":"http","msg":"server is listening only on the HTTP port, so no automatic HTTPS will be applied to this server","server_name":"srv1","http_port":80}
Mar 04 08:45:06 DOOR caddy[670248]: {"level":"info","ts":1741067106.0474675,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0xc000349420"}
Mar 04 08:45:06 DOOR caddy[670248]: {"level":"info","ts":1741067106.0474703,"logger":"http","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv0","https_port":443}
Mar 04 08:45:06 DOOR caddy[670248]: {"level":"info","ts":1741067106.047588,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
Mar 04 08:45:06 DOOR caddy[670248]: {"level":"info","ts":1741067106.0485966,"logger":"http","msg":"enabling HTTP/3 listener","addr":":443"}
Mar 04 08:45:06 DOOR caddy[670248]: {"level":"info","ts":1741067106.04864,"logger":"http.log","msg":"server running","name":"srv0","protocols":["h1","h2","h3"]}
Mar 04 08:45:06 DOOR caddy[670248]: {"level":"info","ts":1741067106.0488908,"logger":"http.log","msg":"server running","name":"srv1","protocols":["h1","h2","h3"]}
Mar 04 08:45:06 DOOR caddy[670248]: {"level":"info","ts":1741067106.0489109,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["docker.io"]}
Mar 04 08:45:06 DOOR caddy[670248]: {"level":"info","ts":1741067106.049411,"logger":"tls.cache.maintenance","msg":"stopped background certificate maintenance","cache":"0xc00046f340"}
Mar 04 08:45:06 DOOR caddy[670248]: {"level":"info","ts":1741067106.0495155,"logger":"tls.obtain","msg":"releasing lock","identifier":"docker.io"}
Mar 04 08:45:06 DOOR caddy[670248]: {"level":"error","ts":1741067106.0497985,"logger":"tls","msg":"job failed","error":"docker.io: obtaining certificate: context canceled"}
Mar 04 08:45:06 DOOR caddy[670248]: {"level":"info","ts":1741067106.0498364,"msg":"autosaved config (load with --resume flag)","file":"/var/lib/caddy/.config/caddy/autosave.json"}
Mar 04 08:45:06 DOOR caddy[670248]: {"level":"info","ts":1741067106.0500574,"logger":"tls.obtain","msg":"acquiring lock","identifier":"docker.io"}
Mar 04 08:45:06 DOOR caddy[670248]: {"level":"info","ts":1741067106.050094,"logger":"admin.api","msg":"load complete"}
Mar 04 08:45:06 DOOR caddy[670248]: {"level":"info","ts":1741067106.0512366,"logger":"admin","msg":"stopped previous server","address":"localhost:2019"}
Mar 04 08:45:06 DOOR systemd[1]: Reloaded caddy.service - Caddy.
Mar 04 08:45:06 DOOR caddy[670248]: {"level":"info","ts":1741067106.058787,"logger":"tls.obtain","msg":"lock acquired","identifier":"docker.io"}
Mar 04 08:45:06 DOOR caddy[670248]: {"level":"info","ts":1741067106.0591354,"logger":"tls.obtain","msg":"obtaining certificate","identifier":"docker.io"}
Mar 04 08:45:21 DOOR caddy[670248]: {"level":"error","ts":1741067121.713527,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"docker.io","issuer":"acme-v02.api.letsencrypt.org-directory","error":"registering account [] with server: provisioning client: performing request: Get \"https://acme-v02.api.letsencrypt.org/directory\": read tcp 172.29.43.111:35264->198.18.1.162:443: read: connection reset by peer"}
Mar 04 08:45:21 DOOR caddy[670248]: {"level":"warn","ts":1741067121.71393,"logger":"http","msg":"missing email address for ZeroSSL; it is strongly recommended to set one for next time"}
Mar 04 08:45:26 DOOR caddy[670248]: {"level":"error","ts":1741067126.739991,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"docker.io","issuer":"acme.zerossl.com-v2-DV90","error":"account pre-registration callback: performing EAB credentials request: Post \"https://api.zerossl.com/acme/eab-credentials-email\": read tcp 172.29.43.111:60248->198.18.1.163:443: read: connection reset by peer"}
Mar 04 08:45:26 DOOR caddy[670248]: {"level":"error","ts":1741067126.74077,"logger":"tls.obtain","msg":"will retry","error":"[docker.io] Obtain: account pre-registration callback: performing EAB credentials request: Post \"https://api.zerossl.com/acme/eab-credentials-email\": read tcp 172.29.43.111:60248->198.18.1.163:443: read: connection reset by peer","attempt":1,"retrying_in":60,"elapsed":20.681934036,"max_duration":2592000}
Mar 04 08:46:26 DOOR caddy[670248]: {"level":"info","ts":1741067186.742876,"logger":"tls.obtain","msg":"obtaining certificate","identifier":"docker.io"}
Mar 04 08:46:42 DOOR caddy[670248]: {"level":"error","ts":1741067202.382586,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"docker.io","issuer":"acme-v02.api.letsencrypt.org-directory","error":"registering account [] with server: provisioning client: performing request: Get \"https://acme-staging-v02.api.letsencrypt.org/directory\": read tcp 172.29.43.111:40154->198.18.1.164:443: read: connection reset by peer"}
Mar 04 08:46:42 DOOR caddy[670248]: {"level":"warn","ts":1741067202.383037,"logger":"http","msg":"missing email address for ZeroSSL; it is strongly recommended to set one for next time"}
Mar 04 08:46:47 DOOR caddy[670248]: {"level":"error","ts":1741067207.3994792,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"docker.io","issuer":"acme.zerossl.com-v2-DV90","error":"account pre-registration callback: performing EAB credentials request: Post \"https://api.zerossl.com/acme/eab-credentials-email\": read tcp 172.29.43.111:60140->198.18.1.163:443: read: connection reset by peer"}
Mar 04 08:46:47 DOOR caddy[670248]: {"level":"error","ts":1741067207.3997128,"logger":"tls.obtain","msg":"will retry","error":"[docker.io] Obtain: account pre-registration callback: performing EAB credentials request: Post \"https://api.zerossl.com/acme/eab-credentials-email\": read tcp 172.29.43.111:60140->198.18.1.163:443: read: connection reset by peer","attempt":2,"retrying_in":120,"elapsed":101.340874889,"max_duration":2592000}
Mar 04 08:48:47 DOOR caddy[670248]: {"level":"info","ts":1741067327.4006374,"logger":"tls.obtain","msg":"obtaining certificate","identifier":"docker.io"}
Mar 04 08:49:02 DOOR caddy[670248]: {"level":"error","ts":1741067342.9487288,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"docker.io","issuer":"acme-v02.api.letsencrypt.org-directory","error":"registering account [] with server: provisioning client: performing request: Get \"https://acme-staging-v02.api.letsencrypt.org/directory\": read tcp 172.29.43.111:49468->198.18.1.164:443: read: connection reset by peer"}
Mar 04 08:49:02 DOOR caddy[670248]: {"level":"warn","ts":1741067342.9492414,"logger":"http","msg":"missing email address for ZeroSSL; it is strongly recommended to set one for next time"}
Mar 04 08:49:07 DOOR caddy[670248]: {"level":"error","ts":1741067347.9564397,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"docker.io","issuer":"acme.zerossl.com-v2-DV90","error":"account pre-registration callback: performing EAB credentials request: Post \"https://api.zerossl.com/acme/eab-credentials-email\": read tcp 172.29.43.111:57926->198.18.1.163:443: read: connection reset by peer"}
Mar 04 08:49:07 DOOR caddy[670248]: {"level":"error","ts":1741067347.9565737,"logger":"tls.obtain","msg":"will retry","error":"[docker.io] Obtain: account pre-registration callback: performing EAB credentials request: Post \"https://api.zerossl.com/acme/eab-credentials-email\": read tcp 172.29.43.111:57926->198.18.1.163:443: read: connection reset by peer","attempt":3,"retrying_in":120,"elapsed":241.897739736,"max_duration":2592000}
Mar 04 08:51:07 DOOR caddy[670248]: {"level":"info","ts":1741067467.9578052,"logger":"tls.obtain","msg":"obtaining certificate","identifier":"docker.io"}
Mar 04 08:51:23 DOOR caddy[670248]: {"level":"error","ts":1741067483.5737147,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"docker.io","issuer":"acme-v02.api.letsencrypt.org-directory","error":"registering account [] with server: provisioning client: performing request: Get \"https://acme-staging-v02.api.letsencrypt.org/directory\": read tcp 172.29.43.111:43152->198.18.1.164:443: read: connection reset by peer"}
Mar 04 08:51:23 DOOR caddy[670248]: {"level":"warn","ts":1741067483.5740714,"logger":"http","msg":"missing email address for ZeroSSL; it is strongly recommended to set one for next time"}
Mar 04 08:51:28 DOOR caddy[670248]: {"level":"error","ts":1741067488.6403613,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"docker.io","issuer":"acme.zerossl.com-v2-DV90","error":"account pre-registration callback: performing EAB credentials request: Post \"https://api.zerossl.com/acme/eab-credentials-email\": read tcp 172.29.43.111:45448->198.18.1.163:443: read: connection reset by peer"}
Mar 04 08:51:28 DOOR caddy[670248]: {"level":"error","ts":1741067488.6405926,"logger":"tls.obtain","msg":"will retry","error":"[docker.io] Obtain: account pre-registration callback: performing EAB credentials request: Post \"https://api.zerossl.com/acme/eab-credentials-email\": read tcp 172.29.43.111:45448->198.18.1.163:443: read: connection reset by peer","attempt":4,"retrying_in":300,"elapsed":382.581758423,"max_duration":2592000}
Mar 04 08:56:28 DOOR caddy[670248]: {"level":"info","ts":1741067788.6422162,"logger":"tls.obtain","msg":"obtaining certificate","identifier":"docker.io"}
Mar 04 08:56:32 DOOR caddy[670248]: {"level":"info","ts":1741067792.9346292,"logger":"http.acme_client","msg":"trying to solve challenge","identifier":"docker.io","challenge_type":"tls-alpn-01","ca":"https://acme-staging-v02.api.letsencrypt.org/directory"}
Mar 04 08:56:33 DOOR caddy[670248]: {"level":"error","ts":1741067793.9352884,"logger":"http.acme_client","msg":"challenge failed","identifier":"docker.io","challenge_type":"tls-alpn-01","status_code":403,"problem_type":"urn:ietf:params:acme:error:unauthorized","error":"Cannot negotiate ALPN protocol \"acme-tls/1\" for tls-alpn-01 challenge"}
Mar 04 08:56:33 DOOR caddy[670248]: {"level":"error","ts":1741067793.9354165,"logger":"http.acme_client","msg":"validating authorization","identifier":"docker.io","error":"authorization failed: HTTP 403 urn:ietf:params:acme:error:unauthorized - Cannot negotiate ALPN protocol \"acme-tls/1\" for tls-alpn-01 challenge","order":"https://acme-staging-v02.api.letsencrypt.org/acme/order/187797124/23015629004","attempt":1,"max_attempts":3}
Mar 04 08:56:36 DOOR caddy[670248]: {"level":"info","ts":1741067796.8696594,"logger":"http.acme_client","msg":"trying to solve challenge","identifier":"docker.io","challenge_type":"http-01","ca":"https://acme-staging-v02.api.letsencrypt.org/directory"}
Mar 04 08:56:39 DOOR caddy[670248]: {"level":"error","ts":1741067799.1842213,"logger":"http.acme_client","msg":"challenge failed","identifier":"docker.io","challenge_type":"http-01","status_code":403,"problem_type":"urn:ietf:params:acme:error:unauthorized","error":"The key authorization file from the server did not match this challenge. Expected \"7pRnnrG5Qp-MoPCvlqIaU05Ga3IljBllh5C3MKoHuzA.ORNKVbc_3k533GlbmH2deO9bSt169KOYP645QXge14M\" (got \"7pRnnrG5Qp-MoPCvlqIaU05Ga3IljBllh5C3MKoHuzA.vKGSnNTMm-njyWJQYjhmPuIovGcwxiduMtzbURl4_Yc\")"}
Mar 04 08:56:39 DOOR caddy[670248]: {"level":"error","ts":1741067799.1845386,"logger":"http.acme_client","msg":"validating authorization","identifier":"docker.io","error":"authorization failed: HTTP 403 urn:ietf:params:acme:error:unauthorized - The key authorization file from the server did not match this challenge. Expected \"7pRnnrG5Qp-MoPCvlqIaU05Ga3IljBllh5C3MKoHuzA.ORNKVbc_3k533GlbmH2deO9bSt169KOYP645QXge14M\" (got \"7pRnnrG5Qp-MoPCvlqIaU05Ga3IljBllh5C3MKoHuzA.vKGSnNTMm-njyWJQYjhmPuIovGcwxiduMtzbURl4_Yc\")","order":"https://acme-staging-v02.api.letsencrypt.org/acme/order/187797124/23015629934","attempt":2,"max_attempts":3}
Mar 04 08:56:41 DOOR caddy[670248]: {"level":"error","ts":1741067801.4328856,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"docker.io","issuer":"acme-v02.api.letsencrypt.org-directory","error":"[docker.io] solving challenges: docker.io: no solvers available for remaining challenges (configured=[http-01 tls-alpn-01] offered=[http-01 tls-alpn-01 dns-01] remaining=[dns-01]) (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/187797124/23015630714) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)"}
Mar 04 08:56:41 DOOR caddy[670248]: {"level":"warn","ts":1741067801.433303,"logger":"http","msg":"missing email address for ZeroSSL; it is strongly recommended to set one for next time"}
Mar 04 08:56:46 DOOR caddy[670248]: {"level":"error","ts":1741067806.4420114,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"docker.io","issuer":"acme.zerossl.com-v2-DV90","error":"account pre-registration callback: performing EAB credentials request: Post \"https://api.zerossl.com/acme/eab-credentials-email\": read tcp 172.29.43.111:41986->198.18.1.163:443: read: connection reset by peer"}
Mar 04 08:56:46 DOOR caddy[670248]: {"level":"error","ts":1741067806.4421265,"logger":"tls.obtain","msg":"will retry","error":"[docker.io] Obtain: account pre-registration callback: performing EAB credentials request: Post \"https://api.zerossl.com/acme/eab-credentials-email\": read tcp 172.29.43.111:41986->198.18.1.163:443: read: connection reset by peer","attempt":5,"retrying_in":600,"elapsed":700.383291318,"max_duration":2592000}
Mar 04 09:06:46 DOOR caddy[670248]: {"level":"info","ts":1741068406.443011,"logger":"tls.obtain","msg":"obtaining certificate","identifier":"docker.io"}
Mar 04 09:06:54 DOOR caddy[670248]: {"level":"info","ts":1741068414.722544,"logger":"http.acme_client","msg":"trying to solve challenge","identifier":"docker.io","challenge_type":"http-01","ca":"https://acme-staging-v02.api.letsencrypt.org/directory"}
Mar 04 09:06:56 DOOR caddy[670248]: {"level":"error","ts":1741068416.9714422,"logger":"http.acme_client","msg":"challenge failed","identifier":"docker.io","challenge_type":"http-01","status_code":403,"problem_type":"urn:ietf:params:acme:error:unauthorized","error":"The key authorization file from the server did not match this challenge. Expected \"FzCZxZi2XzAF955MvLXwhcrjWlVJ8BeblWUZD7egEmI.ORNKVbc_3k533GlbmH2deO9bSt169KOYP645QXge14M\" (got \"FzCZxZi2XzAF955MvLXwhcrjWlVJ8BeblWUZD7egEmI.vKGSnNTMm-njyWJQYjhmPuIovGcwxiduMtzbURl4_Yc\")"}
Mar 04 09:06:56 DOOR caddy[670248]: {"level":"error","ts":1741068416.9715476,"logger":"http.acme_client","msg":"validating authorization","identifier":"docker.io","error":"authorization failed: HTTP 403 urn:ietf:params:acme:error:unauthorized - The key authorization file from the server did not match this challenge. Expected \"FzCZxZi2XzAF955MvLXwhcrjWlVJ8BeblWUZD7egEmI.ORNKVbc_3k533GlbmH2deO9bSt169KOYP645QXge14M\" (got \"FzCZxZi2XzAF955MvLXwhcrjWlVJ8BeblWUZD7egEmI.vKGSnNTMm-njyWJQYjhmPuIovGcwxiduMtzbURl4_Yc\")","order":"https://acme-staging-v02.api.letsencrypt.org/acme/order/187797124/23015790644","attempt":1,"max_attempts":3}
Mar 04 09:06:58 DOOR caddy[670248]: {"level":"info","ts":1741068418.7296846,"logger":"http.acme_client","msg":"trying to solve challenge","identifier":"docker.io","challenge_type":"tls-alpn-01","ca":"https://acme-staging-v02.api.letsencrypt.org/directory"}
Mar 04 09:06:59 DOOR caddy[670248]: {"level":"error","ts":1741068419.754873,"logger":"http.acme_client","msg":"challenge failed","identifier":"docker.io","challenge_type":"tls-alpn-01","status_code":403,"problem_type":"urn:ietf:params:acme:error:unauthorized","error":"Cannot negotiate ALPN protocol \"acme-tls/1\" for tls-alpn-01 challenge"}
Mar 04 09:06:59 DOOR caddy[670248]: {"level":"error","ts":1741068419.7550073,"logger":"http.acme_client","msg":"validating authorization","identifier":"docker.io","error":"authorization failed: HTTP 403 urn:ietf:params:acme:error:unauthorized - Cannot negotiate ALPN protocol \"acme-tls/1\" for tls-alpn-01 challenge","order":"https://acme-staging-v02.api.letsencrypt.org/acme/order/187797124/23015791784","attempt":2,"max_attempts":3}
Mar 04 09:07:02 DOOR caddy[670248]: {"level":"error","ts":1741068422.7128754,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"docker.io","issuer":"acme-v02.api.letsencrypt.org-directory","error":"[docker.io] solving challenges: docker.io: no solvers available for remaining challenges (configured=[http-01 tls-alpn-01] offered=[http-01 tls-alpn-01 dns-01] remaining=[dns-01]) (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/187797124/23015792484) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)"}
Mar 04 09:07:02 DOOR caddy[670248]: {"level":"warn","ts":1741068422.713349,"logger":"http","msg":"missing email address for ZeroSSL; it is strongly recommended to set one for next time"}
Mar 04 09:07:05 DOOR caddy[670248]: {"level":"error","ts":1741068425.1011937,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"docker.io","issuer":"acme.zerossl.com-v2-DV90","error":"account pre-registration callback: failed getting EAB credentials: HTTP 422: caddy_legacy_user_removed (code 2977)"}
Mar 04 09:07:05 DOOR caddy[670248]: {"level":"error","ts":1741068425.1013565,"logger":"tls.obtain","msg":"will retry","error":"[docker.io] Obtain: account pre-registration callback: failed getting EAB credentials: HTTP 422: caddy_legacy_user_removed (code 2977)","attempt":6,"retrying_in":1200,"elapsed":1319.042522541,"max_duration":2592000}
Mar 04 09:08:36 DOOR systemd[1]: Reloading caddy.service - Caddy...
Mar 04 09:08:36 DOOR caddy[681415]: {"level":"info","ts":1741068516.416092,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":""}
Mar 04 09:08:36 DOOR caddy[681415]: {"level":"warn","ts":1741068516.4234712,"msg":"Caddyfile input is not formatted; run the 'caddy fmt' command to fix inconsistencies","adapter":"caddyfile","file":"/etc/caddy/Caddyfile","line":31}
Mar 04 09:08:36 DOOR caddy[670248]: {"level":"info","ts":1741068516.426697,"logger":"admin.api","msg":"received request","method":"POST","host":"localhost:2019","uri":"/load","remote_ip":"127.0.0.1","remote_port":"33376","headers":{"Accept-Encoding":["gzip"],"Cache-Control":["must-revalidate"],"Content-Length":["547"],"Content-Type":["application/json"],"Origin":["http://localhost:2019"],"User-Agent":["Go-http-client/1.1"]}}
Mar 04 09:08:36 DOOR caddy[670248]: {"level":"info","ts":1741068516.4284253,"logger":"admin","msg":"admin endpoint started","address":"localhost:2019","enforce_origin":false,"origins":["//localhost:2019","//[::1]:2019","//127.0.0.1:2019"]}
Mar 04 09:08:36 DOOR caddy[670248]: {"level":"info","ts":1741068516.42886,"logger":"http","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv0","https_port":443}
Mar 04 09:08:36 DOOR caddy[670248]: {"level":"info","ts":1741068516.428943,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
Mar 04 09:08:36 DOOR caddy[670248]: {"level":"warn","ts":1741068516.4289725,"logger":"http","msg":"server is listening only on the HTTP port, so no automatic HTTPS will be applied to this server","server_name":"srv1","http_port":80}
Mar 04 09:08:36 DOOR caddy[670248]: {"level":"info","ts":1741068516.4289393,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0xc000316d90"}
Mar 04 09:08:36 DOOR caddy[670248]: {"level":"info","ts":1741068516.430755,"logger":"http","msg":"enabling HTTP/3 listener","addr":":443"}
Mar 04 09:08:36 DOOR caddy[670248]: {"level":"info","ts":1741068516.4308488,"logger":"http.log","msg":"server running","name":"srv0","protocols":["h1","h2","h3"]}
Mar 04 09:08:36 DOOR caddy[670248]: {"level":"info","ts":1741068516.4309158,"logger":"http.log","msg":"server running","name":"srv1","protocols":["h1","h2","h3"]}
Mar 04 09:08:36 DOOR caddy[670248]: {"level":"info","ts":1741068516.4309256,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["docker.io"]}
Mar 04 09:08:36 DOOR caddy[670248]: {"level":"info","ts":1741068516.4314387,"logger":"tls.obtain","msg":"releasing lock","identifier":"docker.io"}
Mar 04 09:08:36 DOOR caddy[670248]: {"level":"info","ts":1741068516.4314919,"logger":"tls.cache.maintenance","msg":"stopped background certificate maintenance","cache":"0xc000349420"}
Mar 04 09:08:36 DOOR caddy[670248]: {"level":"info","ts":1741068516.4323463,"msg":"autosaved config (load with --resume flag)","file":"/var/lib/caddy/.config/caddy/autosave.json"}
Mar 04 09:08:36 DOOR caddy[670248]: {"level":"info","ts":1741068516.4325204,"logger":"admin.api","msg":"load complete"}
Mar 04 09:08:36 DOOR caddy[670248]: {"level":"info","ts":1741068516.4326224,"logger":"tls.obtain","msg":"acquiring lock","identifier":"docker.io"}
Mar 04 09:08:36 DOOR caddy[670248]: {"level":"error","ts":1741068516.4343028,"logger":"tls","msg":"job failed","error":"docker.io: obtaining certificate: context canceled"}
Mar 04 09:08:36 DOOR systemd[1]: Reloaded caddy.service - Caddy.
Mar 04 09:08:36 DOOR caddy[670248]: {"level":"info","ts":1741068516.4380596,"logger":"admin","msg":"stopped previous server","address":"localhost:2019"}
Mar 04 09:08:36 DOOR caddy[670248]: {"level":"info","ts":1741068516.438182,"logger":"tls.obtain","msg":"lock acquired","identifier":"docker.io"}
Mar 04 09:08:36 DOOR caddy[670248]: {"level":"info","ts":1741068516.438497,"logger":"tls.obtain","msg":"obtaining certificate","identifier":"docker.io"}
Mar 04 09:08:39 DOOR caddy[670248]: {"level":"info","ts":1741068519.8897047,"logger":"http","msg":"waiting on internal rate limiter","identifiers":["docker.io"],"ca":"https://acme-v02.api.letsencrypt.org/directory","account":""}
Mar 04 09:08:39 DOOR caddy[670248]: {"level":"info","ts":1741068519.8898659,"logger":"http","msg":"done waiting on internal rate limiter","identifiers":["docker.io"],"ca":"https://acme-v02.api.letsencrypt.org/directory","account":""}
Mar 04 09:08:40 DOOR caddy[670248]: {"level":"info","ts":1741068520.709622,"logger":"http.acme_client","msg":"trying to solve challenge","identifier":"docker.io","challenge_type":"http-01","ca":"https://acme-v02.api.letsencrypt.org/directory"}
Mar 04 09:08:43 DOOR caddy[670248]: {"level":"error","ts":1741068523.6653368,"logger":"http.acme_client","msg":"challenge failed","identifier":"docker.io","challenge_type":"http-01","status_code":403,"problem_type":"urn:ietf:params:acme:error:unauthorized","error":"The key authorization file from the server did not match this challenge. Expected \"Ea8cBeAazFSosCqBQk3iUvD-yPF2DvlgxXSmjq4W6UM.-nMk-LSZBv4GBJ0Eabo4Pc9tlHAQ_xV33HETpyGr8D4\" (got \"Ea8cBeAazFSosCqBQk3iUvD-yPF2DvlgxXSmjq4W6UM.vKGSnNTMm-njyWJQYjhmPuIovGcwxiduMtzbURl4_Yc\")"}
Mar 04 09:08:43 DOOR caddy[670248]: {"level":"error","ts":1741068523.665427,"logger":"http.acme_client","msg":"validating authorization","identifier":"docker.io","error":"authorization failed: HTTP 403 urn:ietf:params:acme:error:unauthorized - The key authorization file from the server did not match this challenge. Expected \"Ea8cBeAazFSosCqBQk3iUvD-yPF2DvlgxXSmjq4W6UM.-nMk-LSZBv4GBJ0Eabo4Pc9tlHAQ_xV33HETpyGr8D4\" (got \"Ea8cBeAazFSosCqBQk3iUvD-yPF2DvlgxXSmjq4W6UM.vKGSnNTMm-njyWJQYjhmPuIovGcwxiduMtzbURl4_Yc\")","order":"https://acme-v02.api.letsencrypt.org/acme/order/2261609435/360051195715","attempt":1,"max_attempts":3}
Mar 04 09:08:45 DOOR caddy[670248]: {"level":"info","ts":1741068525.4102323,"logger":"http.acme_client","msg":"trying to solve challenge","identifier":"docker.io","challenge_type":"tls-alpn-01","ca":"https://acme-v02.api.letsencrypt.org/directory"}
Mar 04 09:08:46 DOOR caddy[670248]: {"level":"error","ts":1741068526.3703206,"logger":"http.acme_client","msg":"challenge failed","identifier":"docker.io","challenge_type":"tls-alpn-01","status_code":403,"problem_type":"urn:ietf:params:acme:error:unauthorized","error":"Cannot negotiate ALPN protocol \"acme-tls/1\" for tls-alpn-01 challenge"}
Mar 04 09:08:46 DOOR caddy[670248]: {"level":"error","ts":1741068526.3704267,"logger":"http.acme_client","msg":"validating authorization","identifier":"docker.io","error":"authorization failed: HTTP 403 urn:ietf:params:acme:error:unauthorized - Cannot negotiate ALPN protocol \"acme-tls/1\" for tls-alpn-01 challenge","order":"https://acme-v02.api.letsencrypt.org/acme/order/2261609435/360051215905","attempt":2,"max_attempts":3}
Mar 04 09:08:48 DOOR caddy[670248]: {"level":"error","ts":1741068528.8825698,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"docker.io","issuer":"acme-v02.api.letsencrypt.org-directory","error":"[docker.io] solving challenges: docker.io: no solvers available for remaining challenges (configured=[http-01 tls-alpn-01] offered=[dns-01 tls-alpn-01 http-01] remaining=[dns-01]) (order=https://acme-v02.api.letsencrypt.org/acme/order/2261609435/360051226565) (ca=https://acme-v02.api.letsencrypt.org/directory)"}
Mar 04 09:08:48 DOOR caddy[670248]: {"level":"warn","ts":1741068528.8830214,"logger":"http","msg":"missing email address for ZeroSSL; it is strongly recommended to set one for next time"}
Mar 04 09:08:50 DOOR caddy[670248]: {"level":"error","ts":1741068530.3142262,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"docker.io","issuer":"acme.zerossl.com-v2-DV90","error":"account pre-registration callback: failed getting EAB credentials: HTTP 422: caddy_legacy_user_removed (code 2977)"}
Mar 04 09:08:50 DOOR caddy[670248]: {"level":"error","ts":1741068530.3144639,"logger":"tls.obtain","msg":"will retry","error":"[docker.io] Obtain: account pre-registration callback: failed getting EAB credentials: HTTP 422: caddy_legacy_user_removed (code 2977)","attempt":1,"retrying_in":60,"elapsed":13.876245538,"max_duration":2592000}
Mar 04 09:09:50 DOOR caddy[670248]: {"level":"info","ts":1741068590.3150096,"logger":"tls.obtain","msg":"obtaining certificate","identifier":"docker.io"}
Mar 04 09:09:52 DOOR caddy[670248]: {"level":"info","ts":1741068592.1744473,"logger":"http.acme_client","msg":"trying to solve challenge","identifier":"docker.io","challenge_type":"http-01","ca":"https://acme-staging-v02.api.letsencrypt.org/directory"}
Mar 04 09:09:54 DOOR caddy[670248]: {"level":"error","ts":1741068594.4279516,"logger":"http.acme_client","msg":"challenge failed","identifier":"docker.io","challenge_type":"http-01","status_code":403,"problem_type":"urn:ietf:params:acme:error:unauthorized","error":"The key authorization file from the server did not match this challenge. Expected \"cYbeu6Uds9nBT7GzGtA1u301rvsBJl_zLpUMTcPyR6Q.ORNKVbc_3k533GlbmH2deO9bSt169KOYP645QXge14M\" (got \"cYbeu6Uds9nBT7GzGtA1u301rvsBJl_zLpUMTcPyR6Q.vKGSnNTMm-njyWJQYjhmPuIovGcwxiduMtzbURl4_Yc\")"}
Mar 04 09:09:54 DOOR caddy[670248]: {"level":"error","ts":1741068594.4280682,"logger":"http.acme_client","msg":"validating authorization","identifier":"docker.io","error":"authorization failed: HTTP 403 urn:ietf:params:acme:error:unauthorized - The key authorization file from the server did not match this challenge. Expected \"cYbeu6Uds9nBT7GzGtA1u301rvsBJl_zLpUMTcPyR6Q.ORNKVbc_3k533GlbmH2deO9bSt169KOYP645QXge14M\" (got \"cYbeu6Uds9nBT7GzGtA1u301rvsBJl_zLpUMTcPyR6Q.vKGSnNTMm-njyWJQYjhmPuIovGcwxiduMtzbURl4_Yc\")","order":"https://acme-staging-v02.api.letsencrypt.org/acme/order/187797124/23015839394","attempt":1,"max_attempts":3}
Mar 04 09:09:56 DOOR caddy[670248]: {"level":"info","ts":1741068596.1911824,"logger":"http.acme_client","msg":"trying to solve challenge","identifier":"docker.io","challenge_type":"tls-alpn-01","ca":"https://acme-staging-v02.api.letsencrypt.org/directory"}
Mar 04 09:09:57 DOOR caddy[670248]: {"level":"error","ts":1741068597.1913588,"logger":"http.acme_client","msg":"challenge failed","identifier":"docker.io","challenge_type":"tls-alpn-01","status_code":403,"problem_type":"urn:ietf:params:acme:error:unauthorized","error":"Cannot negotiate ALPN protocol \"acme-tls/1\" for tls-alpn-01 challenge"}
Mar 04 09:09:57 DOOR caddy[670248]: {"level":"error","ts":1741068597.191525,"logger":"http.acme_client","msg":"validating authorization","identifier":"docker.io","error":"authorization failed: HTTP 403 urn:ietf:params:acme:error:unauthorized - Cannot negotiate ALPN protocol \"acme-tls/1\" for tls-alpn-01 challenge","order":"https://acme-staging-v02.api.letsencrypt.org/acme/order/187797124/23015840204","attempt":2,"max_attempts":3}
Mar 04 09:09:59 DOOR caddy[670248]: {"level":"error","ts":1741068599.3829184,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"docker.io","issuer":"acme-v02.api.letsencrypt.org-directory","error":"[docker.io] solving challenges: docker.io: no solvers available for remaining challenges (configured=[http-01 tls-alpn-01] offered=[tls-alpn-01 dns-01 http-01] remaining=[dns-01]) (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/187797124/23015840844) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)"}
Mar 04 09:09:59 DOOR caddy[670248]: {"level":"warn","ts":1741068599.3835485,"logger":"http","msg":"missing email address for ZeroSSL; it is strongly recommended to set one for next time"}
Mar 04 09:10:00 DOOR caddy[670248]: {"level":"error","ts":1741068600.6438239,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"docker.io","issuer":"acme.zerossl.com-v2-DV90","error":"account pre-registration callback: failed getting EAB credentials: HTTP 422: caddy_legacy_user_removed (code 2977)"}
Mar 04 09:10:00 DOOR caddy[670248]: {"level":"error","ts":1741068600.6439252,"logger":"tls.obtain","msg":"will retry","error":"[docker.io] Obtain: account pre-registration callback: failed getting EAB credentials: HTTP 422: caddy_legacy_user_removed (code 2977)","attempt":2,"retrying_in":120,"elapsed":84.205707933,"max_duration":2592000}
Mar 04 09:11:45 DOOR systemd[1]: Reloading caddy.service - Caddy...
Mar 04 09:11:45 DOOR caddy[683231]: {"level":"info","ts":1741068705.1446416,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":""}
Mar 04 09:11:45 DOOR caddy[683231]: {"level":"warn","ts":1741068705.1469345,"msg":"Caddyfile input is not formatted; run the 'caddy fmt' command to fix inconsistencies","adapter":"caddyfile","file":"/etc/caddy/Caddyfile","line":31}
Mar 04 09:11:45 DOOR caddy[670248]: {"level":"info","ts":1741068705.1494017,"logger":"admin.api","msg":"received request","method":"POST","host":"localhost:2019","uri":"/load","remote_ip":"127.0.0.1","remote_port":"56936","headers":{"Accept-Encoding":["gzip"],"Cache-Control":["must-revalidate"],"Content-Length":["572"],"Content-Type":["application/json"],"Origin":["http://localhost:2019"],"User-Agent":["Go-http-client/1.1"]}}
Mar 04 09:11:45 DOOR caddy[670248]: {"level":"info","ts":1741068705.1509578,"logger":"admin","msg":"admin endpoint started","address":"localhost:2019","enforce_origin":false,"origins":["//localhost:2019","//[::1]:2019","//127.0.0.1:2019"]}
Mar 04 09:11:45 DOOR caddy[670248]: {"level":"warn","ts":1741068705.1512487,"logger":"http","msg":"server is listening only on the HTTP port, so no automatic HTTPS will be applied to this server","server_name":"srv0","http_port":80}
Mar 04 09:11:45 DOOR caddy[670248]: {"level":"info","ts":1741068705.1515694,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0xc0003492d0"}
Mar 04 09:11:45 DOOR caddy[670248]: {"level":"info","ts":1741068705.1530397,"logger":"http.log","msg":"server running","name":"srv0","protocols":["h1","h2","h3"]}
Mar 04 09:11:45 DOOR caddy[670248]: {"level":"info","ts":1741068705.1533742,"logger":"tls.cache.maintenance","msg":"stopped background certificate maintenance","cache":"0xc000316d90"}
Mar 04 09:11:45 DOOR caddy[670248]: {"level":"info","ts":1741068705.1534355,"logger":"tls.obtain","msg":"releasing lock","identifier":"docker.io"}
Mar 04 09:11:45 DOOR caddy[670248]: {"level":"info","ts":1741068705.1536763,"msg":"autosaved config (load with --resume flag)","file":"/var/lib/caddy/.config/caddy/autosave.json"}
Mar 04 09:11:45 DOOR caddy[670248]: {"level":"info","ts":1741068705.1538506,"logger":"admin.api","msg":"load complete"}
Mar 04 09:11:45 DOOR caddy[670248]: {"level":"error","ts":1741068705.1542704,"logger":"tls","msg":"job failed","error":"docker.io: obtaining certificate: context canceled"}
Mar 04 09:11:45 DOOR caddy[670248]: {"level":"info","ts":1741068705.1549883,"logger":"admin","msg":"stopped previous server","address":"localhost:2019"}
Mar 04 09:11:45 DOOR systemd[1]: Reloaded caddy.service - Caddy.
Mar 04 09:12:58 DOOR systemd[1]: Reloading caddy.service - Caddy...
Mar 04 09:12:58 DOOR caddy[684106]: {"level":"info","ts":1741068778.1418145,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":""}
Mar 04 09:12:58 DOOR caddy[684106]: {"level":"warn","ts":1741068778.1480224,"msg":"Caddyfile input is not formatted; run the 'caddy fmt' command to fix inconsistencies","adapter":"caddyfile","file":"/etc/caddy/Caddyfile","line":31}
Mar 04 09:12:58 DOOR caddy[670248]: {"level":"info","ts":1741068778.150351,"logger":"admin.api","msg":"received request","method":"POST","host":"localhost:2019","uri":"/load","remote_ip":"127.0.0.1","remote_port":"51364","headers":{"Accept-Encoding":["gzip"],"Cache-Control":["must-revalidate"],"Content-Length":["574"],"Content-Type":["application/json"],"Origin":["http://localhost:2019"],"User-Agent":["Go-http-client/1.1"]}}
Mar 04 09:12:58 DOOR caddy[670248]: {"level":"info","ts":1741068778.1524222,"logger":"admin","msg":"admin endpoint started","address":"localhost:2019","enforce_origin":false,"origins":["//localhost:2019","//[::1]:2019","//127.0.0.1:2019"]}
Mar 04 09:12:58 DOOR caddy[670248]: {"level":"warn","ts":1741068778.1526933,"logger":"http","msg":"server is listening only on the HTTP port, so no automatic HTTPS will be applied to this server","server_name":"srv0","http_port":80}
Mar 04 09:12:58 DOOR caddy[670248]: {"level":"info","ts":1741068778.152859,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0xc000266230"}
Mar 04 09:12:58 DOOR caddy[670248]: {"level":"info","ts":1741068778.1556487,"logger":"http.log","msg":"server running","name":"srv0","protocols":["h1","h2","h3"]}
Mar 04 09:12:58 DOOR caddy[670248]: {"level":"info","ts":1741068778.1558454,"logger":"tls.cache.maintenance","msg":"stopped background certificate maintenance","cache":"0xc0003492d0"}
Mar 04 09:12:58 DOOR caddy[670248]: {"level":"info","ts":1741068778.1578896,"msg":"autosaved config (load with --resume flag)","file":"/var/lib/caddy/.config/caddy/autosave.json"}
Mar 04 09:12:58 DOOR caddy[670248]: {"level":"info","ts":1741068778.1581597,"logger":"admin.api","msg":"load complete"}
Mar 04 09:12:58 DOOR caddy[670248]: {"level":"info","ts":1741068778.1614876,"logger":"admin","msg":"stopped previous server","address":"localhost:2019"}
Mar 04 09:12:58 DOOR systemd[1]: Reloaded caddy.service - Caddy.
Mar 04 09:30:09 DOOR systemd[1]: Reloading caddy.service - Caddy...
Mar 04 09:30:09 DOOR caddy[688426]: {"level":"info","ts":1741069809.3418677,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":""}
Mar 04 09:30:09 DOOR caddy[688426]: {"level":"warn","ts":1741069809.3453188,"msg":"Caddyfile input is not formatted; run the 'caddy fmt' command to fix inconsistencies","adapter":"caddyfile","file":"/etc/caddy/Caddyfile","line":27}
Mar 04 09:30:09 DOOR caddy[670248]: {"level":"info","ts":1741069809.347387,"logger":"admin.api","msg":"received request","method":"POST","host":"localhost:2019","uri":"/load","remote_ip":"127.0.0.1","remote_port":"37288","headers":{"Accept-Encoding":["gzip"],"Cache-Control":["must-revalidate"],"Content-Length":["395"],"Content-Type":["application/json"],"Origin":["http://localhost:2019"],"User-Agent":["Go-http-client/1.1"]}}
Mar 04 09:30:09 DOOR caddy[670248]: {"level":"info","ts":1741069809.348729,"logger":"admin","msg":"admin endpoint started","address":"localhost:2019","enforce_origin":false,"origins":["//127.0.0.1:2019","//localhost:2019","//[::1]:2019"]}
Mar 04 09:30:09 DOOR caddy[670248]: {"level":"warn","ts":1741069809.3489187,"logger":"http","msg":"server is listening only on the HTTP port, so no automatic HTTPS will be applied to this server","server_name":"srv0","http_port":80}
Mar 04 09:30:09 DOOR caddy[670248]: {"level":"info","ts":1741069809.3491642,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0xc00046f420"}
Mar 04 09:30:09 DOOR caddy[670248]: {"level":"info","ts":1741069809.3495402,"logger":"http.log","msg":"server running","name":"srv0","protocols":["h1","h2","h3"]}
Mar 04 09:30:09 DOOR caddy[670248]: {"level":"info","ts":1741069809.3497055,"logger":"tls.cache.maintenance","msg":"stopped background certificate maintenance","cache":"0xc000266230"}
Mar 04 09:30:09 DOOR caddy[670248]: {"level":"info","ts":1741069809.3499656,"msg":"autosaved config (load with --resume flag)","file":"/var/lib/caddy/.config/caddy/autosave.json"}
Mar 04 09:30:09 DOOR caddy[670248]: {"level":"info","ts":1741069809.3501372,"logger":"admin.api","msg":"load complete"}
Mar 04 09:30:09 DOOR caddy[670248]: {"level":"info","ts":1741069809.3524504,"logger":"admin","msg":"stopped previous server","address":"localhost:2019"}
Mar 04 09:30:09 DOOR systemd[1]: Reloaded caddy.service - Caddy.
Mar 04 09:49:03 DOOR systemd[1]: Reloading caddy.service - Caddy...
Mar 04 09:49:03 DOOR caddy[691339]: {"level":"info","ts":1741070943.4034526,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":""}
Mar 04 09:49:03 DOOR caddy[691339]: {"level":"warn","ts":1741070943.4105282,"msg":"Caddyfile input is not formatted; run the 'caddy fmt' command to fix inconsistencies","adapter":"caddyfile","file":"/etc/caddy/Caddyfile","line":27}
Mar 04 09:49:03 DOOR caddy[670248]: {"level":"info","ts":1741070943.4139411,"logger":"admin.api","msg":"received request","method":"POST","host":"localhost:2019","uri":"/load","remote_ip":"127.0.0.1","remote_port":"59912","headers":{"Accept-Encoding":["gzip"],"Cache-Control":["must-revalidate"],"Content-Length":["395"],"Content-Type":["application/json"],"Origin":["http://localhost:2019"],"User-Agent":["Go-http-client/1.1"]}}
Mar 04 09:49:03 DOOR caddy[670248]: {"level":"info","ts":1741070943.4156446,"logger":"admin","msg":"admin endpoint started","address":"localhost:2019","enforce_origin":false,"origins":["//localhost:2019","//[::1]:2019","//127.0.0.1:2019"]}
Mar 04 09:49:03 DOOR caddy[670248]: {"level":"warn","ts":1741070943.4158232,"logger":"http","msg":"server is listening only on the HTTP port, so no automatic HTTPS will be applied to this server","server_name":"srv0","http_port":80}
Mar 04 09:49:03 DOOR caddy[670248]: {"level":"info","ts":1741070943.4161193,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0xc000249880"}
Mar 04 09:49:03 DOOR caddy[670248]: {"level":"info","ts":1741070943.416716,"logger":"http.log","msg":"server running","name":"srv0","protocols":["h1","h2","h3"]}
Mar 04 09:49:03 DOOR caddy[670248]: {"level":"info","ts":1741070943.4169388,"logger":"tls.cache.maintenance","msg":"stopped background certificate maintenance","cache":"0xc00046f420"}
Mar 04 09:49:03 DOOR caddy[670248]: {"level":"info","ts":1741070943.4174728,"msg":"autosaved config (load with --resume flag)","file":"/var/lib/caddy/.config/caddy/autosave.json"}
Mar 04 09:49:03 DOOR caddy[670248]: {"level":"info","ts":1741070943.4177477,"logger":"admin.api","msg":"load complete"}
Mar 04 09:49:03 DOOR caddy[670248]: {"level":"info","ts":1741070943.4200318,"logger":"admin","msg":"stopped previous server","address":"localhost:2019"}
Mar 04 09:49:03 DOOR systemd[1]: Reloaded caddy.service - Caddy.
Mar 04 09:51:45 DOOR systemd[1]: Reloading caddy.service - Caddy...
Mar 04 09:51:45 DOOR caddy[692700]: {"level":"info","ts":1741071105.8899784,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":""}
Mar 04 09:51:45 DOOR caddy[692700]: {"level":"warn","ts":1741071105.8936532,"msg":"Caddyfile input is not formatted; run the 'caddy fmt' command to fix inconsistencies","adapter":"caddyfile","file":"/etc/caddy/Caddyfile","line":30}
Mar 04 09:51:45 DOOR caddy[670248]: {"level":"info","ts":1741071105.8962152,"logger":"admin.api","msg":"received request","method":"POST","host":"localhost:2019","uri":"/load","remote_ip":"127.0.0.1","remote_port":"59278","headers":{"Accept-Encoding":["gzip"],"Cache-Control":["must-revalidate"],"Content-Length":["396"],"Content-Type":["application/json"],"Origin":["http://localhost:2019"],"User-Agent":["Go-http-client/1.1"]}}
Mar 04 09:51:45 DOOR caddy[670248]: {"level":"info","ts":1741071105.8979986,"logger":"admin","msg":"admin endpoint started","address":"localhost:2019","enforce_origin":false,"origins":["//[::1]:2019","//127.0.0.1:2019","//localhost:2019"]}
Mar 04 09:51:45 DOOR caddy[670248]: {"level":"info","ts":1741071105.898297,"logger":"http","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv0","https_port":443}
Mar 04 09:51:45 DOOR caddy[670248]: {"level":"info","ts":1741071105.8984706,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0xc00046f5e0"}
Mar 04 09:51:45 DOOR caddy[670248]: {"level":"info","ts":1741071105.898801,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
Mar 04 09:51:45 DOOR caddy[670248]: {"level":"info","ts":1741071105.9000056,"logger":"http","msg":"enabling HTTP/3 listener","addr":":443"}
Mar 04 09:51:45 DOOR caddy[670248]: {"level":"info","ts":1741071105.9071186,"logger":"http.log","msg":"server running","name":"srv0","protocols":["h1","h2","h3"]}
Mar 04 09:51:45 DOOR caddy[670248]: {"level":"info","ts":1741071105.9076984,"logger":"http.log","msg":"server running","name":"remaining_auto_https_redirects","protocols":["h1","h2","h3"]}
Mar 04 09:51:45 DOOR caddy[670248]: {"level":"info","ts":1741071105.907736,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["docker.io"]}
Mar 04 09:51:45 DOOR caddy[670248]: {"level":"info","ts":1741071105.9099033,"logger":"tls.cache.maintenance","msg":"stopped background certificate maintenance","cache":"0xc000249880"}
Mar 04 09:51:45 DOOR caddy[670248]: {"level":"info","ts":1741071105.9103441,"msg":"autosaved config (load with --resume flag)","file":"/var/lib/caddy/.config/caddy/autosave.json"}
Mar 04 09:51:45 DOOR caddy[670248]: {"level":"info","ts":1741071105.9106135,"logger":"admin.api","msg":"load complete"}
Mar 04 09:51:45 DOOR caddy[670248]: {"level":"info","ts":1741071105.9145098,"logger":"tls.obtain","msg":"acquiring lock","identifier":"docker.io"}
Mar 04 09:51:45 DOOR caddy[670248]: {"level":"info","ts":1741071105.9215093,"logger":"admin","msg":"stopped previous server","address":"localhost:2019"}
Mar 04 09:51:45 DOOR systemd[1]: Reloaded caddy.service - Caddy.
Mar 04 09:51:45 DOOR caddy[670248]: {"level":"info","ts":1741071105.952937,"logger":"tls.obtain","msg":"lock acquired","identifier":"docker.io"}
Mar 04 09:51:45 DOOR caddy[670248]: {"level":"info","ts":1741071105.960956,"logger":"tls.obtain","msg":"obtaining certificate","identifier":"docker.io"}

3. Caddy version: 2.6.2

4. How I installed and ran Caddy: sudo apt install caddy

a. System environment: wsl2 x64 Debian systemd

b. Command:

sudo systemctl reload caddy

c. Service/unit/compose file:

d. My complete Caddy config:

docker.io {
    uri replace /* /ddn-k8s/docker.io/*
    reverse_proxy https://swr.cn-north-4.myhuaweicloud.com
}

5. Links to relevant resources: /etc/hosts

# This file was automatically generated by WSL. To stop automatic generation of this file, add the following entry to /etc/wsl.conf:
# [network]
# generateHosts = false
127.0.0.1	localhost
127.0.1.1	DOOR.	DOOR
127.0.1.1	gcr.io registry.k8s.io docker.io registry-1.docker.io

# The following lines are desirable for IPv6 capable hosts
::1     ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

Hello everyone, I am running the command docker pull docker.io/mysql:8.0.40-debian, but in my country I cannot access docker.io, so I want to redirect docker.io to https://swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io

You can’t get a proper certificate this way. You don’t own the domain and therefore can’t issue a trusted certificate for it.

You would have to issue an internal certificate or manually create one with OpenSSL, for example, but then you would also have to import it to the server that does docker pull, so that it trusts your Caddy proxy.

1 Like
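What the repeated http-01 and tls-alpn-01 failures in the log show, as an added example that is not part of the original posts: an ACME key authorization is `token.thumbprint-of-account-key` (RFC 8555, section 8.1), so "Expected" and "got" values that share a token but differ in thumbprint mean the CA's request was answered by a server holding a different ACME account key, because the CA validates the host that public DNS returns for the name, not the local /etc/hosts override. The log lines, tokens, thumbprints and function names below are constructed for illustration.

```python
import json
import re

# Constructed journal lines in the same shape as the Caddy output in this thread.
# Tokens and thumbprints are made-up placeholders, not values from a real order.
SAMPLE_LOG = r'''
Mar 04 09:08:36 HOST systemd[1]: Reloading caddy.service - Caddy...
Mar 04 09:08:40 HOST caddy[1]: {"level":"info","logger":"http.acme_client","msg":"trying to solve challenge","identifier":"example.test","challenge_type":"http-01"}
Mar 04 09:08:43 HOST caddy[1]: {"level":"error","logger":"http.acme_client","msg":"challenge failed","identifier":"example.test","challenge_type":"http-01","status_code":403,"error":"The key authorization file from the server did not match this challenge. Expected \"tokProd111.thumbLocalProd\" (got \"tokProd111.thumbForeign\")"}
Mar 04 09:08:46 HOST caddy[1]: {"level":"error","logger":"http.acme_client","msg":"challenge failed","identifier":"example.test","challenge_type":"tls-alpn-01","status_code":403,"error":"Cannot negotiate ALPN protocol \"acme-tls/1\" for tls-alpn-01 challenge"}
Mar 04 09:09:54 HOST caddy[1]: {"level":"error","logger":"http.acme_client","msg":"challenge failed","identifier":"example.test","challenge_type":"http-01","status_code":403,"error":"The key authorization file from the server did not match this challenge. Expected \"tokStag222.thumbLocalStaging\" (got \"tokStag222.thumbForeign\")"}
'''

KEYAUTH_RE = re.compile(r'Expected "([^"]+)" \(got "([^"]+)"\)')


def parse_journal_line(line):
    """Return the JSON payload of a journald-prefixed Caddy line, or None."""
    start = line.find("{")
    if start < 0:
        return None  # e.g. plain systemd status lines
    try:
        entry = json.loads(line[start:])
    except json.JSONDecodeError:
        return None
    return entry if isinstance(entry, dict) else None


def split_key_authorization(value):
    """keyAuthorization = token "." base64url(JWK thumbprint of the account key)."""
    token, sep, thumbprint = value.partition(".")
    if not sep or not token or not thumbprint:
        raise ValueError("not a key authorization: %r" % value)
    return token, thumbprint


def classify(entry):
    """Turn one 'challenge failed' log entry into a finding, else None."""
    if entry.get("msg") != "challenge failed":
        return None
    ctype = entry.get("challenge_type")
    error = entry.get("error", "")
    finding = {"identifier": entry.get("identifier"), "challenge": ctype,
               "verdict": "other"}
    match = KEYAUTH_RE.search(error)
    if ctype == "http-01" and match:
        finding["verdict"] = "key_authorization_mismatch"
        try:
            exp_token, exp_thumb = split_key_authorization(match.group(1))
            got_token, got_thumb = split_key_authorization(match.group(2))
        except ValueError:
            return finding  # the responder returned something that is not token.thumbprint
        if exp_token == got_token and exp_thumb != got_thumb:
            # Same token, different account key: some other ACME client
            # answered the CA, so the CA never reached this proxy.
            finding.update(verdict="answered_by_other_acme_account",
                           expected_account=exp_thumb,
                           responding_account=got_thumb)
    elif ctype == "tls-alpn-01" and "acme-tls/1" in error:
        # The host the CA connected to does not offer the ACME ALPN protocol.
        finding["verdict"] = "validated_host_lacks_acme_tls_alpn"
    return finding


def diagnose(log_text):
    """Classify every ACME challenge failure found in a journal excerpt."""
    findings = []
    for line in log_text.splitlines():
        entry = parse_journal_line(line)
        finding = classify(entry) if entry else None
        if finding:
            findings.append(finding)
    return findings


def responding_accounts(findings):
    """Distinct account thumbprints that answered instead of the local one."""
    return sorted({f["responding_account"] for f in findings
                   if "responding_account" in f})


if __name__ == "__main__":
    for item in diagnose(SAMPLE_LOG):
        print(item)
    print("responders:", responding_accounts(SAMPLE_LOG and diagnose(SAMPLE_LOG)))
```

A single responding thumbprint across orders from different CA accounts, as in the sample, points to one fixed responder on the publicly resolved host rather than a transient error on the proxy.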

Do you mean that because I don’t own docker.io, nothing can work? Please explain in more detail.

I tried this Caddyfile, but it does not work either.

docker.io {
    tls {
        ca /home/tim/docker.io.crt
    }
    uri replace /* /ddn-k8s/docker.io/*
    reverse_proxy https://swr.cn-north-4.myhuaweicloud.com
}

docker.io.crt is generated by:

openssl s_client -connect docker.io:443 -showcerts </dev/null 2>/dev/null | sed -n '/BEGIN CERTIFICATE/,/END CERTIFICATE/p' > docker.io.crt

@timelordx Can you try it your way?

Add tls internal to the block.

Caddy will now generate a self-signed certificate and import it into the system (you might need to manually run caddy in the foreground once, so it can ask for permissions to do so).

2 Likes

Sorry about the delay in response.

Exactly what @ferrybig says. You can find more details in:

You can also export Caddy’s CA from your local trusted store or find it in Caddy’s data folder under the pki/authorities/local subfolder.

For example, in a Docker container, it’s usually located at /data/caddy/pki/authorities/local/root.crt

1 Like