Why I get this 400 error when getting validation data

Potato_Running · November 2, 2018, 7:23am

When I run caddy on my server I get this error

Activating privacy features... 2018/11/02 15:16:23 [a.position.group] failed to get certificate: acme: Error 400 - urn:ietf:params:acme:error:connection - Fetching http://a.position.group/.well-known/acme-challenge/FWGWw_l8rNNryV7_3hSg9V8dZysrQF8027B2MJxzC1Q: Error getting validation data

I had check firewall but it is not the reson.

my Caddyfile is

api.position.group
gzip
log ./log.log
markdown /blog {
    css /blog.css
    js  /scripts.js
}

and caddy -log=stdout is

Activating privacy features... 2018/11/02 15:16:37 [INFO][api.position.group] acme: Obtaining bundled SAN certificate
2018/11/02 15:16:39 [INFO][api.position.group] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz/PbGhj4uZKossTrPp9cTpVARRmGO3fXUDzeWDClHFfr0
2018/11/02 15:16:39 [INFO][api.position.group] acme: Could not find solver for: tls-alpn-01
2018/11/02 15:16:39 [INFO][api.position.group] acme: Trying to solve HTTP-01
2018/11/02 15:16:45 [api.position.group] failed to get certificate: acme: Error 400 - urn:ietf:params:acme:error:connection - Fetching http://a.position.group/.well-known/acme-challenge/7nTr0qca3HV7hWBWMmBmbqg--cctBR4r7FZkFsTaTYQ: Error getting validation data

I had post a github issues this

Whitestrake · November 2, 2018, 7:40am

Hi @Potato_Running, welcome to the Caddy community!

Your Caddyfile says api.position.group but your logs report errors for a.position.group.

The former has DNS A records, but the latter does not.

The prime suspect when Caddy is logging errors for a site that’s different to your Caddyfile is that Caddy is loading the wrong Caddyfile, or an outdated one.

Potato_Running · November 2, 2018, 8:29am

I am sorry to say that a.positon.group is testing dns . The problem is not about Caddyfile

Whitestrake · November 2, 2018, 8:37am

Ahh, looks like you’ve edited your logs to show the same hostname now.

Just to confirm, what you posted above is the full, unredacted contents of your Caddyfile? And your Caddy host is directly available at 118.25.13.120 (rather than that IP address being a proxy or load balancer etc)?

To be honest, I don’t think I’ve ever had to deal with Error getting validation data. I’m having trouble finding out exactly what circumstances provoke that particular error, but some quick research indicates it can happen when there are strange / nonsensical redirects happening.

Potato_Running · November 2, 2018, 11:02am

I have post a photo to show this question, thank for your listenning~.

magikstm · November 2, 2018, 2:43pm

Are ports 80 and 443 open for this domain?

Potato_Running · November 3, 2018, 1:43am

Yes,they are all opened.

magikstm · November 3, 2018, 2:21am

Main domain appears to be unavailable online:

Can this domain and subdomains work and be viewable externally if https is disabled?

Potato_Running · November 3, 2018, 6:46am

Yes ping api.position.group is available.
And I can run caddy success on a japanese server
https://jap.position.group/

Potato_Running · November 3, 2018, 9:16am

Oh!! It is maybe my domain is in china .Need to record.

Whitestrake · November 3, 2018, 2:33pm

Hmm, maybe - if the route to your IP address doesn’t actually reach the server, that would explain LetsEncrypt’s error.

system · February 1, 2019, 2:33pm

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.