Comments (11)
Can you upgrade to the latest version of Dokku? Also, is this app using a custom nginx.conf.sigil? It seems there was a 503 in attempting to get a certificate, which implies there might be some other error here (usually it would be a 404 or similar).
from dokku-letsencrypt.
I try to update, however, even using Debian version 11.6, it returns that it was not possible to update.
ifms@srv-na ~> apt list --upgradable
Listing... Done
dokku/bullseye 0.30.2 amd64 [upgradable from: 0.27.10]
N: There are 38 additional versions. Please use the '-a' switch to see them.
Return
ifms@srv-na ~ [100]> sudo dokku-update run
-----> Updating Dokku
E: Unable to correct problems, you have held broken packages.
from dokku-letsencrypt.
Mind running:
apt install dokku
That should hopefully output a bit more about what packages are broken on your system.
from dokku-letsencrypt.
I updated dokku to 0.30.2 using this issue #5711. But, the error persist.
=====> Enabling letsencrypt for sigoe
-----> Enabling ACME proxy for sigoe...
Reloading nginx: nginx.
-----> Getting letsencrypt certificate for sigoe via HTTP-01
- Domain 'sigoe.na.ifms.edu.br'
2023/04/11 17:19:52 [INFO] [sigoe.na.ifms.edu.br] acme: Obtaining bundled SAN certificate
2023/04/11 17:19:53 [INFO] [sigoe.na.ifms.edu.br] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/218595747697
2023/04/11 17:19:53 [INFO] [sigoe.na.ifms.edu.br] acme: Could not find solver for: tls-alpn-01
2023/04/11 17:19:53 [INFO] [sigoe.na.ifms.edu.br] acme: use http-01 solver
2023/04/11 17:19:53 [INFO] [sigoe.na.ifms.edu.br] acme: Trying to solve HTTP-01
2023/04/11 17:19:56 [INFO] Deactivating auth: https://acme-v02.api.letsencrypt.org/acme/authz-v3/218595747697
2023/04/11 17:19:57 Could not obtain certificates:
error: one or more domains had a problem:
[sigoe.na.ifms.edu.br] acme: error: 403 :: urn:ietf:params:acme:error:unauthorized :: 200.19.32.67: Invalid response from http://sigoe.na.ifms.edu.br/.well-known/acme-challenge/XPFpRR6sjrcE2UI_ewpF1gjB2SAAH0aYw4IMcv9BryA: 503
-----> Certificate retrieval failed!
-----> Disabling ACME proxy for sigoe...
Reloading nginx: nginx.
! Failed to setup letsencrypt
! Check log output for further information on failure
from dokku-letsencrypt.
What happens when you run:
# validate
sudo nginx -t
# reload
sudo service nginx reload ; echo $?
# restart (only if the config is valid and a reload returns 1
sudo service nginx restart
from dokku-letsencrypt.
Result
# sudo nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
# sudo service nginx reload ; echo $?
Reloading nginx: nginx.
0
I don't have the .weel-know
directory. However, even before not having it, the certificate was generated without errors
from dokku-letsencrypt.
Can you restart nginx as well? Once you do that, retry the letsencrypt setup.
You might hit rate limits, so it may be best to switch the server to the staging one while you debug this issue.
Random question: is this dokku server behind a load balancer or cloudflare or something?
from dokku-letsencrypt.
Same error π’
=====> Enabling letsencrypt for sigoe
-----> Enabling ACME proxy for sigoe...
Reloading nginx: nginx.
-----> Getting letsencrypt certificate for sigoe via HTTP-01
- Domain 'sigoe.na.ifms.edu.br'
2023/04/12 00:46:27 No key found for account [email protected]. Generating a P256 key.
2023/04/12 00:46:27 Saved key to /certs/accounts/acme-staging-v02.api.letsencrypt.org/[email protected]/keys/[email protected]
2023/04/12 00:46:27 [INFO] acme: Registering account for [email protected]
2023/04/12 00:46:28 [INFO] [sigoe.na.ifms.edu.br] acme: Obtaining bundled SAN certificate
!!!! HEADS UP !!!!
Your account credentials have been saved in your Let's Encrypt
configuration directory at "/certs/accounts".
You should make a secure backup of this folder now. This
configuration directory will also contain certificates and
private keys obtained from Let's Encrypt so making regular
backups of this folder is ideal.
2023/04/12 00:46:28 [INFO] [sigoe.na.ifms.edu.br] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/6086569214
2023/04/12 00:46:28 [INFO] [sigoe.na.ifms.edu.br] acme: Could not find solver for: tls-alpn-01
2023/04/12 00:46:28 [INFO] [sigoe.na.ifms.edu.br] acme: use http-01 solver
2023/04/12 00:46:28 [INFO] [sigoe.na.ifms.edu.br] acme: Trying to solve HTTP-01
2023/04/12 00:46:32 [INFO] Deactivating auth: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/6086569214
2023/04/12 00:46:32 Could not obtain certificates:
error: one or more domains had a problem:
[sigoe.na.ifms.edu.br] acme: error: 403 :: urn:ietf:params:acme:error:unauthorized :: 200.19.32.67: Invalid response from http://sigoe.na.ifms.edu.br/.well-known/acme-challenge/WLPr_2RjRWpTeHEXaXTRNwirNSMBG8Vx5pwiG3iAmDM: 503
-----> Certificate retrieval failed!
-----> Disabling ACME proxy for sigoe...
Reloading nginx: nginx.
! Failed to setup letsencrypt
! Check log output for further information on failure
I'm not using anything other than Dokku and IP targeting
from dokku-letsencrypt.
Do you mind jumping on our Slack or Discord? I feel like this is the sort of thing we might need to debug together.
from dokku-letsencrypt.
ππΌ
from dokku-letsencrypt.
Dear, I just added the certificate manually. I believe it's really a blockade, and because I don't have access to the release, the manual certificate was the most correct choice. Close this.
from dokku-letsencrypt.
Related Issues (20)
- Let's Encrypt in Docker - docker.env: no such file or directory HOT 4
- Error on adding cron job: new crontab file is missing newline before EOF, can't install HOT 4
- Is it possible to use a DNS-01 challenge for a non-wildcard domain? HOT 1
- Renewal fails with "Letsencrypt not enabled for app" HOT 10
- letsencrypt:report doesnβt show the dns-provider-* options
- Broken as of dokku 0.30.0 HOT 4
- Skip domain `_` (Nginx default domain name)
- Cloudflare DNS-01 howto HOT 2
- letsencrypt:cron-job --add does not add cronjob HOT 1
- Invalid response from acme-challenge HOT 16
- Cloudflare DNS: Failed to find zone HOT 1
- Can't Renew Ceritificate, returns Error: manifest for dokku/letsencrypt:0.1.0 not found: HOT 4
- Can't Renew SSL using dokku-letsencrypt: Manifest Unkown HOT 7
- set email for app is not possible HOT 1
- letsencrypt/internal-functions: line 84: syntax error near unexpected token `fi' HOT 6
- Running on old dokku installation HOT 1
- Unable to set email address HOT 2
- feature: Make it possible to enable letsencrypt by default HOT 1
- get_available_port: command not found HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from dokku-letsencrypt.