1. Output of caddy version
:
v2.6.2 h1:wKoFIxpmOJLGl3QXoo6PNbYvGW4xLEgo32GPBEjWL8o=
2. How I run Caddy:
Using docker with a custom built image to support digitalocean plugin.
a. System environment:
Docker on a DigitalOcean VPS
b. Command:
docker compose up -d
c. Service/unit/compose file:
version: "3.7"
networks:
com:
external: true
internal:
external: false
driver: bridge
services:
caddy:
container_name: caddy
image: test-caddy
restart: unless-stopped
ports:
- "80:80"
- "443:443"
volumes:
- ./:/etc/caddy
- ./data:/data
- ./config:/config
networks:
- com
- internal
d. My complete Caddy config:
{
acme_dns digitalocean TOKEN
}
*.example.com {
tls email
@cd host cd.example.com
handle @cd {
reverse_proxy localhost:5000
}
}
3. The problem Iâm having:
I was trying to work Caddy with wildcard certiifcates. But Iâm getting this error
Note: The domains, API key and email was changed before posting here. Theyâre the real ones in the original file.
4. Error messages and/or full log output:
caddy | {"level":"info","ts":1670144172.705275,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":"caddyfile"}
caddy | {"level":"info","ts":1670144172.7075498,"logger":"admin","msg":"admin endpoint started","address":"localhost:2019","enforce_origin":false,"origins":["//localhost:2019","//[::1]:2019","//127.0.0.1:2019"]}
caddy | {"level":"info","ts":1670144172.7081594,"logger":"http","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv0","https_port":443}
caddy | {"level":"info","ts":1670144172.7082477,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
caddy | {"level":"debug","ts":1670144172.7090368,"logger":"http","msg":"starting server loop","address":"[::]:80","tls":false,"http3":false}
caddy | {"level":"info","ts":1670144172.7091339,"logger":"http.log","msg":"server running","name":"remaining_auto_https_redirects","protocols":["h1","h2","h3"]}
caddy | {"level":"info","ts":1670144172.7092092,"logger":"http","msg":"enabling HTTP/3 listener","addr":":443"}
caddy | {"level":"info","ts":1670144172.7093208,"msg":"failed to sufficiently increase receive buffer size (was: 208 kiB, wanted: 2048 kiB, got: 416 kiB). See https://github.com/lucas-clemente/quic-go/wiki/UDP-Receive-Buffer-Size for details."}
caddy | {"level":"debug","ts":1670144172.7094316,"logger":"http","msg":"starting server loop","address":"[::]:443","tls":true,"http3":true}
caddy | {"level":"info","ts":1670144172.7094991,"logger":"http.log","msg":"server running","name":"srv0","protocols":["h1","h2","h3"]}
caddy | {"level":"info","ts":1670144172.709533,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["*.example.com"]}
caddy | {"level":"info","ts":1670144172.7098174,"msg":"autosaved config (load with --resume flag)","file":"/config/caddy/autosave.json"}
caddy | {"level":"info","ts":1670144172.7098746,"msg":"serving initial configuration"}
caddy | {"level":"info","ts":1670144172.710552,"logger":"tls.obtain","msg":"acquiring lock","identifier":"*.example.com"}
caddy | {"level":"info","ts":1670144172.713003,"logger":"tls.obtain","msg":"lock acquired","identifier":"*.example.com"}
caddy | {"level":"info","ts":1670144172.7146335,"logger":"tls.obtain","msg":"obtaining certificate","identifier":"*.example.com"}
caddy | {"level":"debug","ts":1670144172.7148502,"logger":"events","msg":"event","name":"cert_obtaining","id":"2496d076-0d52-44b5-95bc-97a61aa7c499","origin":"tls","data":{"identifier":"*.example.com"}}
caddy | {"level":"debug","ts":1670144172.7152817,"logger":"tls.obtain","msg":"trying issuer 1/2","issuer":"acme-v02.api.letsencrypt.org-directory"}
caddy | {"level":"info","ts":1670144172.7157884,"logger":"http","msg":"waiting on internal rate limiter","identifiers":["*.example.com"],"ca":"https://acme-v02.api.letsencrypt.org/directory","account":"email"}
caddy | {"level":"info","ts":1670144172.7158778,"logger":"http","msg":"done waiting on internal rate limiter","identifiers":["*.example.com"],"ca":"https://acme-v02.api.letsencrypt.org/directory","account":"email"}
caddy | {"level":"info","ts":1670144172.7176874,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0xc0002532d0"}
caddy | {"level":"info","ts":1670144172.7178473,"logger":"tls","msg":"cleaning storage unit","description":"FileStorage:/data/caddy"}
caddy | {"level":"info","ts":1670144172.7179127,"logger":"tls","msg":"finished cleaning storage units"}
caddy | {"level":"debug","ts":1670144173.5733871,"logger":"http.acme_client","msg":"http request","method":"GET","url":"https://acme-v02.api.letsencrypt.org/directory","headers":{"User-Agent":["Caddy/2.6.2 CertMagic acmez (linux; amd64)"]},"response_headers":{"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["659"],"Content-Type":["application/json"],"Date":["Sun, 04 Dec 2022 08:56:13 GMT"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]},"status_code":200}
caddy | {"level":"debug","ts":1670144173.8418436,"logger":"http.acme_client","msg":"http request","method":"HEAD","url":"https://acme-v02.api.letsencrypt.org/acme/new-nonce","headers":{"User-Agent":["Caddy/2.6.2 CertMagic acmez (linux; amd64)"]},"response_headers":{"Cache-Control":["public, max-age=0, no-cache"],"Date":["Sun, 04 Dec 2022 08:56:13 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["371CxwkP3PDa7uBPJrGdJT3FeqemOvGYNCu6vKBvfNC0NJQ"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]},"status_code":200}
caddy | {"level":"debug","ts":1670144174.3117144,"logger":"http.acme_client","msg":"http request","method":"POST","url":"https://acme-v02.api.letsencrypt.org/acme/new-order","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.6.2 CertMagic acmez (linux; amd64)"]},"response_headers":{"Boulder-Requester":["855247577"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["340"],"Content-Type":["application/json"],"Date":["Sun, 04 Dec 2022 08:56:14 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Location":["https://acme-v02.api.letsencrypt.org/acme/order/855247577/150209150817"],"Replay-Nonce":["C878Q6xZ-KQ25xu-xpg0NnVqiYHrP9XFyUWfPd7B0LSlDOs"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]},"status_code":201}
caddy | {"level":"debug","ts":1670144174.5961976,"logger":"http.acme_client","msg":"http request","method":"POST","url":"https://acme-v02.api.letsencrypt.org/acme/authz-v3/183773519017","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.6.2 CertMagic acmez (linux; amd64)"]},"response_headers":{"Boulder-Requester":["855247577"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["387"],"Content-Type":["application/json"],"Date":["Sun, 04 Dec 2022 08:56:14 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["1DFAWXosm7glbSlR4iQU-2LASXS-uLMx9SQafh_mwpKZwRI"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]},"status_code":200}
caddy | {"level":"info","ts":1670144174.5965059,"logger":"http.acme_client","msg":"trying to solve challenge","identifier":"*.example.com","challenge_type":"dns-01","ca":"https://acme-v02.api.letsencrypt.org/directory"}
caddy | {"level":"debug","ts":1670144175.7504728,"logger":"http.acme_client","msg":"waiting for solver before continuing","identifier":"*.example.com","challenge_type":"dns-01"}
caddy | {"level":"debug","ts":1670144177.7578695,"logger":"http.acme_client","msg":"done waiting for solver","identifier":"*.example.com","challenge_type":"dns-01"}
caddy | {"level":"debug","ts":1670144178.405722,"logger":"http.acme_client","msg":"http request","method":"POST","url":"https://acme-v02.api.letsencrypt.org/acme/authz-v3/183773519017","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.6.2 CertMagic acmez (linux; amd64)"]},"response_headers":{"Boulder-Requester":["855247577"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["391"],"Content-Type":["application/json"],"Date":["Sun, 04 Dec 2022 08:56:18 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["5CA2520DfB0HqcRAKle_cbXufLyE2020bhWC7NU1YSWottY"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]},"status_code":200}
caddy | {"level":"error","ts":1670144178.4064107,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"*.example.com","issuer":"acme-v02.api.letsencrypt.org-directory","error":"[*.example.com] solving challenges: waiting for solver certmagic.solverWrapper to be ready: checking DNS propagation of \"_acme-challenge.example.com\": could not determine authoritative nameservers (order=https://acme-v02.api.letsencrypt.org/acme/order/855247577/150209150817) (ca=https://acme-v02.api.letsencrypt.org/directory)"}
caddy | {"level":"debug","ts":1670144178.406548,"logger":"tls.obtain","msg":"trying issuer 2/2","issuer":"acme.zerossl.com-v2-DV90"}
caddy | {"level":"info","ts":1670144178.407191,"logger":"http","msg":"waiting on internal rate limiter","identifiers":["*.example.com"],"ca":"https://acme.zerossl.com/v2/DV90","account":"email"}
caddy | {"level":"info","ts":1670144178.4073071,"logger":"http","msg":"done waiting on internal rate limiter","identifiers":["*.example.com"],"ca":"https://acme.zerossl.com/v2/DV90","account":"email"}
caddy | {"level":"debug","ts":1670144179.313984,"logger":"http.acme_client","msg":"http request","method":"GET","url":"https://acme.zerossl.com/v2/DV90","headers":{"User-Agent":["Caddy/2.6.2 CertMagic acmez (linux; amd64)"]},"response_headers":{"Access-Control-Allow-Origin":["*"],"Content-Length":["645"],"Content-Type":["application/json"],"Date":["Sun, 04 Dec 2022 08:56:19 GMT"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15724800; includeSubDomains"]},"status_code":200}
caddy | {"level":"debug","ts":1670144182.463191,"logger":"http.acme_client","msg":"http request","method":"HEAD","url":"https://acme.zerossl.com/v2/DV90/newNonce","headers":{"User-Agent":["Caddy/2.6.2 CertMagic acmez (linux; amd64)"]},"response_headers":{"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=0, no-cache, no-store"],"Content-Type":["application/octet-stream"],"Date":["Sun, 04 Dec 2022 08:56:22 GMT"],"Link":["<https://acme.zerossl.com/v2/DV90>;rel=\"index\""],"Replay-Nonce":["U3wJTm4Hi8vCeupjIc4V3yakrZyVC9yYoDfRk8RuU4A"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15724800; includeSubDomains"]},"status_code":200}
caddy | {"level":"debug","ts":1670144185.3027523,"logger":"http.acme_client","msg":"http request","method":"POST","url":"https://acme.zerossl.com/v2/DV90/newOrder","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.6.2 CertMagic acmez (linux; amd64)"]},"response_headers":{"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=0, no-cache, no-store"],"Content-Length":["277"],"Content-Type":["application/json"],"Date":["Sun, 04 Dec 2022 08:56:25 GMT"],"Location":["https://acme.zerossl.com/v2/DV90/order/TPsJJijAdLT4f6L1OnhC0g"],"Replay-Nonce":["fIhsxT3ERMkGGhmeELKfK4NaVTSUA000n7tAuRaRSrs"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15724800; includeSubDomains"]},"status_code":201}
caddy | {"level":"debug","ts":1670144186.7797742,"logger":"events","msg":"event","name":"tls_get_certificate","id":"c0a187dd-d248-4cab-a790-b171fd3b320d","origin":"tls","data":{"client_hello":{"CipherSuites":[4866,4867,4865,49196,49200,49195,49199,52393,52392,159,158,52394,49327,49325,49326,49324,49188,49192,49187,49191,49162,49172,49161,49171,49315,49311,49314,49310,107,103,57,51,157,156,49313,49309,49312,49308,61,60,53,47,255],"ServerName":"example.com","SupportedCurves":[29,23,30,25,24],"SupportedPoints":"AAEC","SignatureSchemes":[1027,1283,1539,2055,2056,2057,2058,2059,2052,2053,2054,1025,1281,1537,771,515,769,513,770,514,1026,1282,1538],"SupportedProtos":["http/1.1"],"SupportedVersions":[772,771],"Conn":{}}}}
caddy | {"level":"debug","ts":1670144186.7801962,"logger":"tls.handshake","msg":"no matching certificates and no custom selection logic","identifier":"example.com"}
caddy | {"level":"debug","ts":1670144186.7802448,"logger":"tls.handshake","msg":"no matching certificates and no custom selection logic","identifier":"*.codes"}
caddy | {"level":"debug","ts":1670144186.7802627,"logger":"tls.handshake","msg":"no matching certificates and no custom selection logic","identifier":"*.*"}
caddy | {"level":"debug","ts":1670144186.7802813,"logger":"tls.handshake","msg":"all external certificate managers yielded no certificates and no errors","remote_ip":"111.92.73.21","remote_port":"37206","sni":"example.com"}
caddy | {"level":"debug","ts":1670144186.7807474,"logger":"tls.handshake","msg":"no certificate matching TLS ClientHello","remote_ip":"111.92.73.21","remote_port":"37206","server_name":"example.com","remote":"111.92.73.21:37206","identifier":"example.com","cipher_suites":[4866,4867,4865,49196,49200,49195,49199,52393,52392,159,158,52394,49327,49325,49326,49324,49188,49192,49187,49191,49162,49172,49161,49171,49315,49311,49314,49310,107,103,57,51,157,156,49313,49309,49312,49308,61,60,53,47,255],"cert_cache_fill":0,"load_if_necessary":true,"obtain_if_necessary":true,"on_demand":false}
caddy | {"level":"debug","ts":1670144186.7813444,"logger":"http.stdlib","msg":"http: TLS handshake error from 111.92.73.21:37206: no certificate available for 'example.com'"}
caddy | {"level":"debug","ts":1670144187.5308483,"logger":"http.acme_client","msg":"http request","method":"POST","url":"https://acme.zerossl.com/v2/DV90/authz/FsR6aJRvrr17hHbfzrwA1Q","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.6.2 CertMagic acmez (linux; amd64)"]},"response_headers":{"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=0, no-cache, no-store"],"Content-Length":["297"],"Content-Type":["application/json"],"Date":["Sun, 04 Dec 2022 08:56:27 GMT"],"Link":["<https://acme.zerossl.com/v2/DV90>;rel=\"index\""],"Replay-Nonce":["yMjZ38HYQakwdBkF4FBQDdz2hx0PTg-QvoHOqRLsc98"],"Retry-After":["5"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15724800; includeSubDomains"]},"status_code":200}
caddy | {"level":"info","ts":1670144187.5315335,"logger":"http.acme_client","msg":"trying to solve challenge","identifier":"*.example.com","challenge_type":"dns-01","ca":"https://acme.zerossl.com/v2/DV90"}
caddy | {"level":"debug","ts":1670144187.8813767,"logger":"http.acme_client","msg":"waiting for solver before continuing","identifier":"*.example.com","challenge_type":"dns-01"}
caddy | {"level":"debug","ts":1670144189.8891122,"logger":"http.acme_client","msg":"done waiting for solver","identifier":"*.example.com","challenge_type":"dns-01"}
caddy | {"level":"debug","ts":1670144193.37542,"logger":"http.acme_client","msg":"http request","method":"POST","url":"https://acme.zerossl.com/v2/DV90/authz/FsR6aJRvrr17hHbfzrwA1Q","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.6.2 CertMagic acmez (linux; amd64)"]},"response_headers":{"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=0, no-cache, no-store"],"Content-Length":["141"],"Content-Type":["application/json"],"Date":["Sun, 04 Dec 2022 08:56:33 GMT"],"Link":["<https://acme.zerossl.com/v2/DV90>;rel=\"index\""],"Replay-Nonce":["82Dc4wC1SMHXHqViG3k-ek2NIsIsrUpPBy8j_1XuadY"],"Retry-After":["86400"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15724800; includeSubDomains"]},"status_code":200}
caddy | {"level":"error","ts":1670144193.3755624,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"*.example.com","issuer":"acme.zerossl.com-v2-DV90","error":"[*.example.com] solving challenges: waiting for solver certmagic.solverWrapper to be ready: checking DNS propagation of \"_acme-challenge.example.com\": could not determine authoritative nameservers (order=https://acme.zerossl.com/v2/DV90/order/TPsJJijAdLT4f6L1OnhC0g) (ca=https://acme.zerossl.com/v2/DV90)"}
caddy | {"level":"debug","ts":1670144193.3756192,"logger":"events","msg":"event","name":"cert_failed","id":"c68fbbd7-b9dd-471b-91df-c56080a20f05","origin":"tls","data":{"error":{},"identifier":"*.example.com","issuers":["acme-v02.api.letsencrypt.org-directory","acme.zerossl.com-v2-DV90"],"renewal":false}}
caddy | {"level":"error","ts":1670144193.3756602,"logger":"tls.obtain","msg":"will retry","error":"[*.example.com] Obtain: [*.example.com] solving challenges: waiting for solver certmagic.solverWrapper to be ready: checking DNS propagation of \"_acme-challenge.example.com\": could not determine authoritative nameservers (order=https://acme.zerossl.com/v2/DV90/order/TPsJJijAdLT4f6L1OnhC0g) (ca=https://acme.zerossl.com/v2/DV90)","attempt":1,"retrying_in":60,"elapsed":20.662508228,"max_duration":2592000}
caddy | {"level":"debug","ts":1670144248.6258576,"logger":"events","msg":"event","name":"tls_get_certificate","id":"5e06f99a-55e9-4eea-b3e4-7b343683fdce","origin":"tls","data":{"client_hello":{"CipherSuites":[4866,4867,4865,49196,49200,49195,49199,52393,52392,159,158,52394,49327,49325,49326,49324,49188,49192,49187,49191,49162,49172,49161,49171,49315,49311,49314,49310,107,103,57,51,157,156,49313,49309,49312,49308,61,60,53,47,255],"ServerName":"example.com","SupportedCurves":[29,23,30,25,24],"SupportedPoints":"AAEC","SignatureSchemes":[1027,1283,1539,2055,2056,2057,2058,2059,2052,2053,2054,1025,1281,1537,771,515,769,513,770,514,1026,1282,1538],"SupportedProtos":["http/1.1"],"SupportedVersions":[772,771],"Conn":{}}}}
caddy | {"level":"debug","ts":1670144248.6259162,"logger":"tls.handshake","msg":"no matching certificates and no custom selection logic","identifier":"example.com"}
caddy | {"level":"debug","ts":1670144248.6259243,"logger":"tls.handshake","msg":"no matching certificates and no custom selection logic","identifier":"*.codes"}
caddy | {"level":"debug","ts":1670144248.6259267,"logger":"tls.handshake","msg":"no matching certificates and no custom selection logic","identifier":"*.*"}
caddy | {"level":"debug","ts":1670144248.6259303,"logger":"tls.handshake","msg":"all external certificate managers yielded no certificates and no errors","remote_ip":"111.92.73.21","remote_port":"38064","sni":"example.com"}
caddy | {"level":"debug","ts":1670144248.6259344,"logger":"tls.handshake","msg":"no certificate matching TLS ClientHello","remote_ip":"111.92.73.21","remote_port":"38064","server_name":"example.com","remote":"111.92.73.21:38064","identifier":"example.com","cipher_suites":[4866,4867,4865,49196,49200,49195,49199,52393,52392,159,158,52394,49327,49325,49326,49324,49188,49192,49187,49191,49162,49172,49161,49171,49315,49311,49314,49310,107,103,57,51,157,156,49313,49309,49312,49308,61,60,53,47,255],"cert_cache_fill":0,"load_if_necessary":true,"obtain_if_necessary":true,"on_demand":false}
caddy | {"level":"debug","ts":1670144248.6259978,"logger":"http.stdlib","msg":"http: TLS handshake error from 111.92.73.21:38064: no certificate available for 'example.com'"}
caddy | {"level":"info","ts":1670144253.3760183,"logger":"tls.obtain","msg":"obtaining certificate","identifier":"*.example.com"}
caddy | {"level":"debug","ts":1670144253.3760788,"logger":"events","msg":"event","name":"cert_obtaining","id":"1a60c674-d956-461c-90f6-8ef1501f4462","origin":"tls","data":{"identifier":"*.example.com"}}
caddy | {"level":"debug","ts":1670144253.37637,"logger":"tls.obtain","msg":"trying issuer 1/2","issuer":"acme-v02.api.letsencrypt.org-directory"}
caddy | {"level":"debug","ts":1670144254.1766593,"logger":"http.acme_client","msg":"http request","method":"GET","url":"https://acme-staging-v02.api.letsencrypt.org/directory","headers":{"User-Agent":["Caddy/2.6.2 CertMagic acmez (linux; amd64)"]},"response_headers":{"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["830"],"Content-Type":["application/json"],"Date":["Sun, 04 Dec 2022 08:57:34 GMT"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]},"status_code":200}
caddy | {"level":"debug","ts":1670144254.4285743,"logger":"http.acme_client","msg":"http request","method":"HEAD","url":"https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce","headers":{"User-Agent":["Caddy/2.6.2 CertMagic acmez (linux; amd64)"]},"response_headers":{"Cache-Control":["public, max-age=0, no-cache"],"Date":["Sun, 04 Dec 2022 08:57:34 GMT"],"Link":["<https://acme-staging-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["7F3CiQzRG88tVwrZR-lt0QNOQ2XiL2DecWk4nKBRCh_dPeQ"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]},"status_code":200}
caddy | {"level":"debug","ts":1670144254.732994,"logger":"http.acme_client","msg":"http request","method":"POST","url":"https://acme-staging-v02.api.letsencrypt.org/acme/new-order","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.6.2 CertMagic acmez (linux; amd64)"]},"response_headers":{"Boulder-Requester":["78454884"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["351"],"Content-Type":["application/json"],"Date":["Sun, 04 Dec 2022 08:57:34 GMT"],"Link":["<https://acme-staging-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Location":["https://acme-staging-v02.api.letsencrypt.org/acme/order/78454884/5634113794"],"Replay-Nonce":["8F05OPpwZfqGulsryqrHI8IYp3oKicd5wOqHnMn7fFHfm_0"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]},"status_code":201}
caddy | {"level":"debug","ts":1670144254.9886522,"logger":"http.acme_client","msg":"http request","method":"POST","url":"https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/4529784124","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.6.2 CertMagic acmez (linux; amd64)"]},"response_headers":{"Boulder-Requester":["78454884"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["393"],"Content-Type":["application/json"],"Date":["Sun, 04 Dec 2022 08:57:34 GMT"],"Link":["<https://acme-staging-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["BEB9DxOe4w2G6MPpJPhoLnjqE19JauRo0l6cE0YGBV4pjzs"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]},"status_code":200}
caddy | {"level":"info","ts":1670144254.9893289,"logger":"http.acme_client","msg":"trying to solve challenge","identifier":"*.example.com","challenge_type":"dns-01","ca":"https://acme-staging-v02.api.letsencrypt.org/directory"}
caddy | {"level":"debug","ts":1670144255.3840158,"logger":"http.acme_client","msg":"waiting for solver before continuing","identifier":"*.example.com","challenge_type":"dns-01"}
caddy | {"level":"debug","ts":1670144257.3915486,"logger":"http.acme_client","msg":"done waiting for solver","identifier":"*.example.com","challenge_type":"dns-01"}
caddy | {"level":"debug","ts":1670144258.0481255,"logger":"http.acme_client","msg":"http request","method":"POST","url":"https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/4529784124","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.6.2 CertMagic acmez (linux; amd64)"]},"response_headers":{"Boulder-Requester":["78454884"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["397"],"Content-Type":["application/json"],"Date":["Sun, 04 Dec 2022 08:57:37 GMT"],"Link":["<https://acme-staging-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["7F3CuRZSohDteqnzOpTOyHuuFD4O9sbmEKPUO1oZyF2IX-Q"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]},"status_code":200}
caddy | {"level":"error","ts":1670144258.0488505,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"*.example.com","issuer":"acme-v02.api.letsencrypt.org-directory","error":"[*.example.com] solving challenges: waiting for solver certmagic.solverWrapper to be ready: checking DNS propagation of \"_acme-challenge.example.com\": could not determine authoritative nameservers (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/78454884/5634113794) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)"}
caddy | {"level":"debug","ts":1670144258.0491629,"logger":"tls.obtain","msg":"trying issuer 2/2","issuer":"acme.zerossl.com-v2-DV90"}
caddy | {"level":"debug","ts":1670144260.1745253,"logger":"http.acme_client","msg":"http request","method":"HEAD","url":"https://acme.zerossl.com/v2/DV90/newNonce","headers":{"User-Agent":["Caddy/2.6.2 CertMagic acmez (linux; amd64)"]},"response_headers":{"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=0, no-cache, no-store"],"Content-Type":["application/octet-stream"],"Date":["Sun, 04 Dec 2022 08:57:40 GMT"],"Link":["<https://acme.zerossl.com/v2/DV90>;rel=\"index\""],"Replay-Nonce":["J37A2QvOr2YqrVFlPEF_pxJH-lhLT85PdugtqRTspUk"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15724800; includeSubDomains"]},"status_code":200}
caddy | {"level":"debug","ts":1670144262.7259126,"logger":"http.acme_client","msg":"http request","method":"POST","url":"https://acme.zerossl.com/v2/DV90/newOrder","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.6.2 CertMagic acmez (linux; amd64)"]},"response_headers":{"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=0, no-cache, no-store"],"Content-Length":["277"],"Content-Type":["application/json"],"Date":["Sun, 04 Dec 2022 08:57:42 GMT"],"Location":["https://acme.zerossl.com/v2/DV90/order/giHSIM8Fy1QmJLJtvPQ_og"],"Replay-Nonce":["gvSIs4kE3d7cTy4V-7RL6D0EYXk4TQP7sMyDcPcW51A"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15724800; includeSubDomains"]},"status_code":201}
caddy | {"level":"debug","ts":1670144264.6616774,"logger":"http.acme_client","msg":"http request","method":"POST","url":"https://acme.zerossl.com/v2/DV90/authz/GCbREmms5B0QW6oDCg7ebQ","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.6.2 CertMagic acmez (linux; amd64)"]},"response_headers":{"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=0, no-cache, no-store"],"Content-Length":["297"],"Content-Type":["application/json"],"Date":["Sun, 04 Dec 2022 08:57:44 GMT"],"Link":["<https://acme.zerossl.com/v2/DV90>;rel=\"index\""],"Replay-Nonce":["7FoG65N-GSGt7Mumusf4WahyQ6DprWoqS1Deyb0EVhs"],"Retry-After":["5"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15724800; includeSubDomains"]},"status_code":200}
caddy | {"level":"info","ts":1670144264.6618307,"logger":"http.acme_client","msg":"trying to solve challenge","identifier":"*.example.com","challenge_type":"dns-01","ca":"https://acme.zerossl.com/v2/DV90"}
caddy | {"level":"debug","ts":1670144264.969919,"logger":"http.acme_client","msg":"waiting for solver before continuing","identifier":"*.example.com","challenge_type":"dns-01"}
caddy | {"level":"debug","ts":1670144266.976503,"logger":"http.acme_client","msg":"done waiting for solver","identifier":"*.example.com","challenge_type":"dns-01"}
caddy | {"level":"debug","ts":1670144269.9554064,"logger":"http.acme_client","msg":"http request","method":"POST","url":"https://acme.zerossl.com/v2/DV90/authz/GCbREmms5B0QW6oDCg7ebQ","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.6.2 CertMagic acmez (linux; amd64)"]},"response_headers":{"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=0, no-cache, no-store"],"Content-Length":["141"],"Content-Type":["application/json"],"Date":["Sun, 04 Dec 2022 08:57:49 GMT"],"Link":["<https://acme.zerossl.com/v2/DV90>;rel=\"index\""],"Replay-Nonce":["HLv167rFu9dc6NO1tWSFFFt7lYK3LwZhbBiBkKLCafg"],"Retry-After":["86400"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15724800; includeSubDomains"]},"status_code":200}
caddy | {"level":"error","ts":1670144269.9555976,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"*.example.com","issuer":"acme.zerossl.com-v2-DV90","error":"[*.example.com] solving challenges: waiting for solver certmagic.solverWrapper to be ready: checking DNS propagation of \"_acme-challenge.example.com\": could not determine authoritative nameservers (order=https://acme.zerossl.com/v2/DV90/order/giHSIM8Fy1QmJLJtvPQ_og) (ca=https://acme.zerossl.com/v2/DV90)"}
caddy | {"level":"debug","ts":1670144269.9556508,"logger":"events","msg":"event","name":"cert_failed","id":"00a985c5-7af7-4bad-ab97-5d776793018e","origin":"tls","data":{"error":{},"identifier":"*.example.com","issuers":["acme-v02.api.letsencrypt.org-directory","acme.zerossl.com-v2-DV90"],"renewal":false}}
caddy | {"level":"error","ts":1670144269.9556775,"logger":"tls.obtain","msg":"will retry","error":"[*.example.com] Obtain: [*.example.com] solving challenges: waiting for solver certmagic.solverWrapper to be ready: checking DNS propagation of \"_acme-challenge.example.com\": could not determine authoritative nameservers (order=https://acme.zerossl.com/v2/DV90/order/giHSIM8Fy1QmJLJtvPQ_og) (ca=https://acme.zerossl.com/v2/DV90)","attempt":2,"retrying_in":120,"elapsed":97.242523567,"max_duration":2592000}
5. What I already tried:
Iâve checked if there is a TXT record automatically popping up in the DigitalOcean console and it isnât.