caddy-dns / cloudflare

Caddy module: dns.providers.cloudflare
Apache License 2.0

got error status: HTTP 400: [{Code:6003 Message:Invalid request headers} (env persist) #38

Closed jpVm5jYYRE1VIKL closed 2 years ago

jpVm5jYYRE1VIKL commented 2 years ago

Following config:

*.domain.net {
        tls email@domain.net {
                dns cloudflare {env.DOMAIN_NET_CF_AUTH_TOKEN}
        }
}

*.domain.org {
        tls email@domain.org {
                dns cloudflare {env.DOMAIN_ORG_CF_AUTH_TOKEN}
        }
}

Command: docker exec caddy-caddy-1 env

Output:

PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
HOSTNAME=dfbc180dde13
DOMAIN_ORG_CF_AUTH_TOKEN=2c..........da
ACME_AGREE=true
DOMAIN_NET_CF_AUTH_TOKEN=2c2bc.......da
CADDY_VERSION=v2.5.1
XDG_CONFIG_HOME=/config
XDG_DATA_HOME=/data
HOME=/root

In logs:

{"level":"error","ts":1653122085.059477,"logger":"tls.obtain","msg":"will retry","error":"[*.domain.org] Obtain: [*.domain.org] solving challenges: presenting for challenge: adding temporary record for zone domain.org.: got error status: HTTP 400: [{Code:6003 Message:Invalid request headers}] (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/54810104/2635600154) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)","attempt":5,"retrying_in":600,"elapsed":618.239939337,"max_duration":2592000}
{"level":"error","ts":1653122085.1282437,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"*.domain.net","issuer":"acme-staging-v02.api.letsencrypt.org-directory","error":"[*.domain.net] solving challenges: presenting for challenge: adding temporary record for zone domain.net.: got error status: HTTP 400: [{Code:6003 Message:Invalid request headers}] (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/54810104/2635600194) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)"}

mholt commented 2 years ago

This is the (confusing) error message when your API key is incorrect or missing. See https://github.com/caddy-dns/cloudflare/issues/27.

jpVm5jYYRE1VIKL commented 2 years ago

Hi. If you read my bug report attentively, you will see that the API exists inside the container and it was right. Must it be with the symbol ' or without? It will be much better to have the possibility to see what request content Caddy sent to the remote server and what exactly it got from it.

mholt commented 2 years ago

You also have to make sure the API key is configured correctly within Cloudflare.
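
The question in this thread about whether the token needs a ' around it can be settled by inspecting the value the container actually holds. The following is an added example, not code from the issue or from the caddy-dns project: it reads a Caddyfile and the output of `docker exec <container> env` and flags each referenced variable that is missing, empty, or carries quote, whitespace or non-ASCII characters. The sample Caddyfile, variable names and token values are constructed.

```python
import re

# Constructed sample inputs (not from the issue): a Caddyfile and the text
# printed by `docker exec <container> env`. The token values are fake.
CADDYFILE = """\
*.example.net {
    tls admin@example.net {
        dns cloudflare {env.NET_CF_TOKEN}
    }
}
*.example.org {
    tls admin@example.org {
        dns cloudflare {env.ORG_CF_TOKEN}
    }
}
"""
ENV_OUTPUT = "HOME=/root\nNET_CF_TOKEN=FAKEtoken0123\nORG_CF_TOKEN='FAKEtoken0123'\n"

PLACEHOLDER = re.compile(r"\{(?:env\.|\$)([A-Za-z_][A-Za-z0-9_]*)\}")

def referenced_vars(caddyfile):
    """Names read via {env.NAME} or {$NAME}, in order, without duplicates."""
    return list(dict.fromkeys(PLACEHOLDER.findall(caddyfile)))

def parse_env(env_output):
    """KEY=VALUE lines exactly as the process sees them; quotes are not stripped."""
    return dict(l.split("=", 1) for l in env_output.splitlines() if "=" in l)

def check_value(value):
    """Shape problems that would stop the value from matching the real token."""
    if value is None:
        return ["not set in the container"]
    if value == "":
        return ["empty"]
    problems = []
    if value[0] in "'\"" or value[-1] in "'\"":
        problems.append("literal quote character is part of the value")
    if re.search(r"[^\x21-\x7e]", value):
        problems.append("whitespace, control or non-ASCII character in the value")
    return problems

def audit(caddyfile, env_output):
    """Map each referenced variable to its list of problems (empty list = fine)."""
    env = parse_env(env_output)
    return {n: check_value(env.get(n)) for n in referenced_vars(caddyfile)}

if __name__ == "__main__":
    for name, problems in audit(CADDYFILE, ENV_OUTPUT).items():
        print(f"{name}: {'; '.join(problems) or 'looks well-formed'}")  # never print the token
```

A clean result only rules out shape problems in the environment; whether the token is valid and correctly configured is still decided on the Cloudflare side, as the last reply notes.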