abiosoft / caddy-docker

Docker container for Caddy
https://hub.docker.com/r/abiosoft/caddy/
MIT License

Can't get ca certificates #226

Closed kiddingl closed 4 years ago

kiddingl commented 4 years ago

OS: CentOS 7.6; caddy-docker: latest

I run the command:

docker run -d -v `pwd`/caddy/Caddyfile:/etc/Caddyfile --name=caddy --net=host docker.io/abiosoft/caddy

The logs:

Activating privacy features... 2019/10/14 07:49:40 [INFO][cache:0xc0000328c0] Started certificate maintenance routine
Your sites will be served over HTTPS automatically using Let's Encrypt.
By continuing, you agree to the Let's Encrypt Subscriber Agreement at:
  https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf
Please enter your email address to signify agreement and to be notified
in case of issues. You can leave it blank, but we don't recommend it.
  Email address: 2019/10/14 07:49:55 [INFO][www.cphcm.tk] Obtain certificate
2019/10/14 07:49:55 [INFO] [www.cphcm.tk] acme: Obtaining bundled SAN certificate
2019/10/14 07:49:57 [INFO] [www.cphcm.tk] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/772147737
2019/10/14 07:49:57 [INFO] [www.cphcm.tk] acme: use tls-alpn-01 solver
2019/10/14 07:49:57 [INFO] [www.cphcm.tk] acme: Trying to solve TLS-ALPN-01
2019/10/14 07:49:58 http: TLS handshake error from 66.133.109.36:51020: write tcp 172.17.226.37:443->66.133.109.36:51020: write: connection reset by peer
2019/10/14 07:49:58 http: TLS handshake error from 18.197.227.110:60326: write tcp 172.17.226.37:443->18.197.227.110:60326: write: connection reset by peer
2019/10/14 07:50:03 [INFO] Unable to deactivated authorizations: https://acme-v02.api.letsencrypt.org/acme/authz-v3/772147737
2019/10/14 07:50:03 [ERROR][www.cphcm.tk] failed to obtain certificate: acme: Error -> One or more domains had a problem:
[www.cphcm.tk] acme: error: 400 :: urn:ietf:params:acme:error:connection :: Connection reset by peer, url: 
 (attempt 1/3; challenge=tls-alpn-01)
2019/10/14 07:50:04 [INFO] [www.cphcm.tk] acme: Obtaining bundled SAN certificate
2019/10/14 07:50:10 [ERROR][www.cphcm.tk] failed to obtain certificate: acme: error: 500 :: POST :: https://acme-v02.api.letsencrypt.org/acme/new-order :: urn:ietf:params:acme:error:serverInternal :: Error creating new order, url:  (attempt 2/3; challenge=tls-alpn-01)
2019/10/14 07:50:11 [INFO] [www.cphcm.tk] acme: Obtaining bundled SAN certificate
2019/10/14 07:50:15 [INFO] [www.cphcm.tk] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/772150663
2019/10/14 07:50:15 [INFO] [www.cphcm.tk] acme: use tls-alpn-01 solver
2019/10/14 07:50:15 [INFO] [www.cphcm.tk] acme: Trying to solve TLS-ALPN-01
2019/10/14 07:50:16 http: TLS handshake error from 66.133.109.36:47736: write tcp 172.17.226.37:443->66.133.109.36:47736: write: connection reset by peer
2019/10/14 07:50:16 http: TLS handshake error from 3.14.255.131:56878: write tcp 172.17.226.37:443->3.14.255.131:56878: write: connection reset by peer
2019/10/14 07:50:16 http: TLS handshake error from 18.197.227.110:36994: write tcp 172.17.226.37:443->18.197.227.110:36994: write: connection reset by peer
2019/10/14 07:50:16 http: TLS handshake error from 34.222.229.130:47942: write tcp 172.17.226.37:443->34.222.229.130:47942: write: connection reset by peer
2019/10/14 07:50:18 [INFO] Unable to deactivated authorizations: https://acme-v02.api.letsencrypt.org/acme/authz-v3/772150663
2019/10/14 07:50:18 [ERROR][www.cphcm.tk] failed to obtain certificate: acme: Error -> One or more domains had a problem:
[www.cphcm.tk] acme: error: 400 :: urn:ietf:params:acme:error:connection :: Connection reset by peer, url: 
 (attempt 3/3; challenge=tls-alpn-01)
2019/10/14 07:50:19 [INFO] [www.cphcm.tk] acme: Obtaining bundled SAN certificate
2019/10/14 07:50:20 [INFO] [www.cphcm.tk] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/772152423
2019/10/14 07:50:20 [INFO] [www.cphcm.tk] acme: Could not find solver for: tls-alpn-01
2019/10/14 07:50:20 [INFO] [www.cphcm.tk] acme: use http-01 solver
2019/10/14 07:50:20 [INFO] [www.cphcm.tk] acme: Trying to solve HTTP-01
2019/10/14 07:50:21 [INFO] [www.cphcm.tk] Served key authentication
2019/10/14 07:50:21 [INFO] [www.cphcm.tk] Served key authentication
2019/10/14 07:50:21 [INFO] [www.cphcm.tk] Served key authentication
2019/10/14 07:50:23 [INFO] Unable to deactivated authorizations: https://acme-v02.api.letsencrypt.org/acme/authz-v3/772152423
2019/10/14 07:50:23 [ERROR][www.cphcm.tk] failed to obtain certificate: acme: Error -> One or more domains had a problem:
[www.cphcm.tk] acme: error: 403 :: urn:ietf:params:acme:error:unauthorized :: Invalid response from http://www.cphcm.tk/.well-known/acme-challenge/nmdpayx97D8s7yzSFyafUuAJ0LMExC9yeIcIJAwdQvA [47.94.206.255]: "<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"textml;charset=UTF-8\" />\n   <style>body{background-color:#FFFFFF}</style>", url: 
 (attempt 1/3; challenge=http-01)
2019/10/14 07:50:24 [INFO] [www.cphcm.tk] acme: Obtaining bundled SAN certificate
2019/10/14 07:50:25 [INFO] [www.cphcm.tk] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/772153292
2019/10/14 07:50:25 [INFO] [www.cphcm.tk] acme: Could not find solver for: tls-alpn-01
2019/10/14 07:50:25 [INFO] [www.cphcm.tk] acme: use http-01 solver
2019/10/14 07:50:25 [INFO] [www.cphcm.tk] acme: Trying to solve HTTP-01
2019/10/14 07:50:27 [INFO] Unable to deactivated authorizations: https://acme-v02.api.letsencrypt.org/acme/authz-v3/772153292
2019/10/14 07:50:27 [ERROR][www.cphcm.tk] failed to obtain certificate: acme: Error -> One or more domains had a problem:
[www.cphcm.tk] acme: error: 403 :: urn:ietf:params:acme:error:unauthorized :: Invalid response from http://www.cphcm.tk/.well-known/acme-challenge/nhTuiw9wIGdr4NwNLiMUlczK_j1teeGLtxfUc0uTgs8 [47.94.206.255]: "<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"textml;charset=UTF-8\" />\n   <style>body{background-color:#FFFFFF}</style>", url: 
 (attempt 2/3; challenge=http-01)
2019/10/14 07:50:28 [INFO] [www.cphcm.tk] acme: Obtaining bundled SAN certificate
2019/10/14 07:50:29 [INFO] [www.cphcm.tk] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/772154161
2019/10/14 07:50:29 [INFO] [www.cphcm.tk] acme: Could not find solver for: tls-alpn-01
2019/10/14 07:50:29 [INFO] [www.cphcm.tk] acme: use http-01 solver
2019/10/14 07:50:29 [INFO] [www.cphcm.tk] acme: Trying to solve HTTP-01
2019/10/14 07:50:30 [INFO] [www.cphcm.tk] Served key authentication
2019/10/14 07:50:30 [INFO] [www.cphcm.tk] Served key authentication
2019/10/14 07:50:31 [INFO] [www.cphcm.tk] Served key authentication
2019/10/14 07:50:31 [INFO] Unable to deactivated authorizations: https://acme-v02.api.letsencrypt.org/acme/authz-v3/772154161
2019/10/14 07:50:31 [ERROR][www.cphcm.tk] failed to obtain certificate: acme: Error -> One or more domains had a problem:
[www.cphcm.tk] acme: error: 403 :: urn:ietf:params:acme:error:unauthorized :: Invalid response from http://www.cphcm.tk/.well-known/acme-challenge/vuF-mGW7tdgWCmcFPiapB13HkZp9D8oVofOiQIC3WlE [47.94.206.255]: "<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"textml;charset=UTF-8\" />\n   <style>body{background-color:#FFFFFF}</style>", url: 
 (attempt 3/3; challenge=http-01)
2019/10/14 07:50:32 failed to obtain certificate: acme: Error -> One or more domains had a problem:
[www.cphcm.tk] acme: error: 403 :: urn:ietf:params:acme:error:unauthorized :: Invalid response from http://www.cphcm.tk/.well-known/acme-challenge/vuF-mGW7tdgWCmcFPiapB13HkZp9D8oVofOiQIC3WlE [47.94.206.255]: "<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"textml;charset=UTF-8\" />\n   <style>body{background-color:#FFFFFF}</style>", url: 
exit status 1

/etc/Caddyfile:

www.cphcm.tk
{
  root /srv
  log ./caddy.log
  proxy /ray localhost:123456 {
    websocket
    header_upstream -Origin
  }
}

I used the Cloudflare CDN; I am confused that I can't get a CA cert.

kiddingl commented 4 years ago

I solved the problem by using the Cloudflare plugin.
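
The failure pattern in the log above, as an added triage example (not part of the original issue or the project's code): it parses the `acme: error` records, groups them by challenge type, and flags the case where both inbound challenges (tls-alpn-01 and http-01) failed for path reasons, which is where a DNS-01 challenge such as the one Caddy's Cloudflare DNS provider plugin performs avoids inbound validation. The sample log is constructed; the hostname, token and IP are placeholders, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample shaped like the Caddy v1 / lego output in the issue;
# hostname, token and IP are placeholders, not values from the thread.
SAMPLE_LOG = r'''
2019/10/14 07:50:03 [ERROR][www.example.com] failed to obtain certificate: acme: Error -> One or more domains had a problem:
[www.example.com] acme: error: 400 :: urn:ietf:params:acme:error:connection :: Connection reset by peer, url:
 (attempt 1/3; challenge=tls-alpn-01)
2019/10/14 07:50:10 [ERROR][www.example.com] failed to obtain certificate: acme: error: 500 :: POST :: https://acme-v02.api.letsencrypt.org/acme/new-order :: urn:ietf:params:acme:error:serverInternal :: Error creating new order, url:  (attempt 2/3; challenge=tls-alpn-01)
2019/10/14 07:50:23 [ERROR][www.example.com] failed to obtain certificate: acme: Error -> One or more domains had a problem:
[www.example.com] acme: error: 403 :: urn:ietf:params:acme:error:unauthorized :: Invalid response from http://www.example.com/.well-known/acme-challenge/TOKEN [192.0.2.10]: "<html>\n<head>", url:
 (attempt 1/3; challenge=http-01)
'''

# One failure record: ACME error type, detail text, then the attempt suffix,
# which may sit on the same line or on the next one.
FAILURE = re.compile(
    r"urn:ietf:params:acme:error:(?P<kind>\w+) :: (?P<detail>[^\n]*?), url:\s*"
    r"\(attempt (?P<n>\d+)/\d+; challenge=(?P<challenge>[\w-]+)\)"
)
# Errors that point at the network path to the host rather than at the CA.
PATH_ERRORS = {"connection", "unauthorized"}

def parse_failures(log):
    """Return one dict per failed attempt found in the log text."""
    failures = []
    for m in FAILURE.finditer(log):
        # http-01 details name the address that answered, e.g. "[192.0.2.10]:".
        ip = re.search(r"\[([0-9A-Fa-f.:]+)\]:", m["detail"])
        failures.append({"challenge": m["challenge"], "kind": m["kind"],
                         "attempt": int(m["n"]),
                         "answered_by": ip.group(1) if ip else None})
    return failures

def triage(log):
    """Group failures by challenge and flag when both inbound ones are blocked."""
    kinds = defaultdict(set)
    for f in parse_failures(log):
        kinds[f["challenge"]].add(f["kind"])
    blocked = sorted(c for c, k in kinds.items() if k & PATH_ERRORS)
    return {"blocked": blocked,
            "suggest_dns01": {"tls-alpn-01", "http-01"} <= set(blocked)}

if __name__ == "__main__":
    for f in parse_failures(SAMPLE_LOG):
        print(f)
    print(triage(SAMPLE_LOG))
```

A `serverInternal` error on its own is a CA-side failure, so it never counts toward `blocked`.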