search

caddyserver / caddy

Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS
https://caddyserver.com
Apache License 2.0
55.45k stars 3.91k forks source link

Global option acme_dns doesn't work with global option cert_issuer #6389

Closed W0n9 closed 2 weeks ago

W0n9 commented 2 weeks ago

I have config the global option acme_dns and global option cert_issuer, but not as expected, caddy doesn't get the certs or even doesn't add the TXT record to the dns.

Here is my caddyfile

############### Caddyfile which doesn't work  ################
{
    debug
    acme_dns duckdns <hidden>
    cert_issuer acme {
        dir https://acme-v02.api.letsencrypt.org/directory
        # dns duckdns <hidden>
        dns_challenge_override_domain buct.duckdns.org
        resolvers 223.5.5.5
    }
    cert_issuer acme {
        dir https://acme.zerossl.com/v2/DV90
        eab <hidden> <hidden>
        # dns duckdns <hidden>
        dns_challenge_override_domain buct.duckdns.org
        resolvers 223.5.5.5
    }
}

*.acme.buct.cn {
    respond "Hello, World!"
}

############### Caddyfile which works  ################
{
    debug
    # acme_dns duckdns <hidden>
    cert_issuer acme {
        dir https://acme-v02.api.letsencrypt.org/directory
        dns duckdns <hidden>
        dns_challenge_override_domain buct.duckdns.org
        resolvers 223.5.5.5
    }
    cert_issuer acme {
        dir https://acme.zerossl.com/v2/DV90
        eab <hidden> <hidden>
        dns duckdns <hidden>
        dns_challenge_override_domain buct.duckdns.org
        resolvers 223.5.5.5
    }
}

*.acme.buct.cn {
    respond "Hello, World!"
}

Logs when Caddyfile which doesn't work

2024/06/12 02:34:42.572 INFO    using adjacent Caddyfile
2024/06/12 02:34:42.573 INFO    adapted config to JSON  {"adapter": "caddyfile"}
2024/06/12 02:34:42.589 INFO    admin   admin endpoint started  {"address": "localhost:2019", "enforce_origin": false, "origins": ["//localhost:2019", "//[::1]:2019", "//127.0.0.1:2019"]}
2024/06/12 02:34:42.590 INFO    tls.cache.maintenance   started background certificate maintenance      {"cache": "0xc0003bb980"}
2024/06/12 02:34:42.590 INFO    http.auto_https server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS {"server_name": "srv0", "https_port": 443}
2024/06/12 02:34:42.590 INFO    http.auto_https enabling automatic HTTP->HTTPS redirects        {"server_name": "srv0"}
2024/06/12 02:34:42.591 DEBUG   http.auto_https adjusted config {"tls": {"automation":{"policies":[{}]}}, "http": {"servers":{"remaining_auto_https_redirects":{"listen":[":80"],"routes":[{},{}]},"srv0":{"listen":[":443"],"routes":[{"handle":[{"handler":"subroute","routes":[{"handle":[{"body":"Hello, World!","handler":"static_response"}]}]}],"terminal":true}],"tls_connection_policies":[{}],"automatic_https":{}}}}}
2024/06/12 02:34:42.591 INFO    http    enabling HTTP/3 listener        {"addr": ":443"}
2024/06/12 02:34:42.592 DEBUG   http    starting server loop    {"address": "[::]:443", "tls": true, "http3": true}
2024/06/12 02:34:42.592 INFO    http.log        server running  {"name": "srv0", "protocols": ["h1", "h2", "h3"]}
2024/06/12 02:34:42.592 DEBUG   http    starting server loop    {"address": "[::]:80", "tls": false, "http3": false}
2024/06/12 02:34:42.592 INFO    http.log        server running  {"name": "remaining_auto_https_redirects", "protocols": ["h1", "h2", "h3"]}
2024/06/12 02:34:42.592 INFO    http    enabling automatic TLS certificate management   {"domains": ["*.acme.buct.cn"]}
2024/06/12 02:34:42.593 INFO    autosaved config (load with --resume flag)      {"file": "C:\\Users\\nuc\\AppData\\Roaming\\Caddy\\autosave.json"}
2024/06/12 02:34:42.593 INFO    serving initial configuration
2024/06/12 02:34:42.594 INFO    tls.obtain      acquiring lock  {"identifier": "*.acme.buct.cn"}
2024/06/12 02:34:42.595 INFO    tls     cleaning storage unit   {"storage": "FileStorage:C:\\Users\\nuc\\AppData\\Roaming\\Caddy"}
2024/06/12 02:34:42.596 INFO    tls.obtain      lock acquired   {"identifier": "*.acme.buct.cn"}
2024/06/12 02:34:42.596 INFO    tls     finished cleaning storage units
2024/06/12 02:34:42.596 INFO    tls.obtain      obtaining certificate   {"identifier": "*.acme.buct.cn"}
2024/06/12 02:34:42.596 DEBUG   events  event   {"name": "cert_obtaining", "id": "7dbdb988-41d6-4411-b6b0-6693e236056b", "origin": "tls", "data": {"identifier":"*.acme.buct.cn"}}
2024/06/12 02:34:42.597 DEBUG   tls.obtain      trying issuer 1/2       {"issuer": "acme-v02.api.letsencrypt.org-directory"}
2024/06/12 02:34:43.356 DEBUG   http.acme_client        http request    {"method": "GET", "url": "https://acme-v02.api.letsencrypt.org/directory", "headers": {"User-Agent":["Caddy/2.8.4 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["746"],"Content-Type":["application/json"],"Date":["Wed, 12 Jun 2024 02:34:43 GMT"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}, "status_code": 200}
2024/06/12 02:34:43.590 DEBUG   http.acme_client        http request    {"method": "HEAD", "url": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "headers": {"User-Agent":["Caddy/2.8.4 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Cache-Control":["public, max-age=0, no-cache"],"Date":["Wed, 12 Jun 2024 02:34:43 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["su1caOmbty53RbSc83lNjx4gukMJRYS2kOd_t556LUUXfjrxAoo"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}, "status_code": 200}
2024/06/12 02:34:43.837 DEBUG   http.acme_client        http request    {"method": "POST", "url": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.8.4 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Boulder-Requester":["1777234367"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["285"],"Content-Type":["application/json"],"Date":["Wed, 12 Jun 2024 02:34:43 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\"","<https://letsencrypt.org/documents/LE-SA-v1.4-April-3-2024.pdf>;rel=\"terms-of-service\""],"Location":["https://acme-v02.api.letsencrypt.org/acme/acct/1777234367"],"Replay-Nonce":["su1caOmbRCzKX7PvdWuLYbYAaI9-HceATmRzxpHJOyOdy8_NX_w"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}, "status_code": 201}
2024/06/12 02:34:43.840 INFO    http    waiting on internal rate limiter        {"identifiers": ["*.acme.buct.cn"], "ca": "https://acme-v02.api.letsencrypt.org/directory", "account": ""}
2024/06/12 02:34:43.840 INFO    http    done waiting on internal rate limiter   {"identifiers": ["*.acme.buct.cn"], "ca": "https://acme-v02.api.letsencrypt.org/directory", "account": ""}
2024/06/12 02:34:43.840 INFO    http    using ACME account      {"account_id": "https://acme-v02.api.letsencrypt.org/acme/acct/1777234367", "account_contact": []}
2024/06/12 02:34:43.840 DEBUG   http.acme_client        creating order  {"account": "https://acme-v02.api.letsencrypt.org/acme/acct/1777234367", "identifiers": ["*.acme.buct.cn"]}
2024/06/12 02:34:44.125 DEBUG   http.acme_client        http request    {"method": "POST", "url": "https://acme-v02.api.letsencrypt.org/acme/new-order", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.8.4 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Boulder-Requester":["1777234367"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["340"],"Content-Type":["application/json"],"Date":["Wed, 12 Jun 2024 02:34:43 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Location":["https://acme-v02.api.letsencrypt.org/acme/order/1777234367/277595337237"],"Replay-Nonce":["su1caOmb1XMXo1B6SggxvsoyttvdhOvviwTnABjPKddBqYODglk"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}, "status_code": 201}
2024/06/12 02:34:44.363 DEBUG   http.acme_client        http request    {"method": "POST", "url": "https://acme-v02.api.letsencrypt.org/acme/authz-v3/362797694977", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.8.4 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Boulder-Requester":["1777234367"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["386"],"Content-Type":["application/json"],"Date":["Wed, 12 Jun 2024 02:34:44 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["cp09ZmYxq_Ce01FIHjxi33L_cJ0ZQevOJ18BjhvnGb87q3LKEAg"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}, "status_code": 200}
2024/06/12 02:34:44.364 DEBUG   http.acme_client        no solver configured    {"challenge_type": "dns-01"}
2024/06/12 02:34:44.606 DEBUG   http.acme_client        http request    {"method": "POST", "url": "https://acme-v02.api.letsencrypt.org/acme/authz-v3/362797694977", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.8.4 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Boulder-Requester":["1777234367"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["390"],"Content-Type":["application/json"],"Date":["Wed, 12 Jun 2024 02:34:44 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["su1caOmbHJhuKA6add4KI54NUIAdXwmcMlf1t44JtlPXNTh2jbk"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}, "status_code": 200}
2024/06/12 02:34:44.606 ERROR   tls.obtain      could not get certificate from issuer   {"identifier": "*.acme.buct.cn", "issuer": "acme-v02.api.letsencrypt.org-directory", "error": "[*.acme.buct.cn] solving challenges: *.acme.buct.cn: no solvers available for remaining challenges (configured=[http-01 tls-alpn-01] offered=[dns-01] remaining=[dns-01]) (order=https://acme-v02.api.letsencrypt.org/acme/order/1777234367/277595337237) (ca=https://acme-v02.api.letsencrypt.org/directory)"}
2024/06/12 02:34:44.607 DEBUG   tls.obtain      trying issuer 2/2       {"issuer": "acme.zerossl.com-v2-DV90"}
2024/06/12 02:34:46.037 DEBUG   http.acme_client        http request    {"method": "GET", "url": "https://acme.zerossl.com/v2/DV90", "headers": {"User-Agent":["Caddy/2.8.4 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Access-Control-Allow-Origin":["*"],"Content-Length":["645"],"Content-Type":["application/json"],"Date":["Wed, 12 Jun 2024 02:34:45 GMT"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15724800; includeSubDomains"]}, "status_code": 200}
2024/06/12 02:34:47.473 DEBUG   http.acme_client        http request    {"method": "HEAD", "url": "https://acme.zerossl.com/v2/DV90/newNonce", "headers": {"User-Agent":["Caddy/2.8.4 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=0, no-cache, no-store"],"Content-Type":["application/octet-stream"],"Date":["Wed, 12 Jun 2024 02:34:47 GMT"],"Link":["<https://acme.zerossl.com/v2/DV90>;rel=\"index\""],"Replay-Nonce":["lWC5YfL6qV6NJ749GfYpX8mUdQgn4P9D8OiU619S26k"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15724800; includeSubDomains"]}, "status_code": 200}
2024/06/12 02:34:48.934 DEBUG   http.acme_client        http request    {"method": "POST", "url": "https://acme.zerossl.com/v2/DV90/newAccount", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.8.4 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=0, no-cache, no-store"],"Content-Length":["540"],"Content-Type":["application/json"],"Date":["Wed, 12 Jun 2024 02:34:48 GMT"],"Link":["<https://acme.zerossl.com/v2/DV90>;rel=\"index\""],"Location":["https://acme.zerossl.com/v2/DV90/account/veDQUOv1cDtuRz_D6U65sw"],"Replay-Nonce":["RRSbDaECLTym5_QMnNyd3cRXNgrsT4fJrPtLPydO4v8"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15724800; includeSubDomains"]}, "status_code": 201}
2024/06/12 02:34:48.938 INFO    http    waiting on internal rate limiter        {"identifiers": ["*.acme.buct.cn"], "ca": "https://acme.zerossl.com/v2/DV90", "account": ""}
2024/06/12 02:34:48.938 INFO    http    done waiting on internal rate limiter   {"identifiers": ["*.acme.buct.cn"], "ca": "https://acme.zerossl.com/v2/DV90", "account": ""}
2024/06/12 02:34:48.938 INFO    http    using ACME account      {"account_id": "https://acme.zerossl.com/v2/DV90/account/veDQUOv1cDtuRz_D6U65sw", "account_contact": []}
2024/06/12 02:34:48.938 DEBUG   http.acme_client        creating order  {"account": "https://acme.zerossl.com/v2/DV90/account/veDQUOv1cDtuRz_D6U65sw", "identifiers": ["*.acme.buct.cn"]}
2024/06/12 02:34:51.291 DEBUG   http.acme_client        http request    {"method": "POST", "url": "https://acme.zerossl.com/v2/DV90/newOrder", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.8.4 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=0, no-cache, no-store"],"Content-Length":["276"],"Content-Type":["application/json"],"Date":["Wed, 12 Jun 2024 02:34:50 GMT"],"Location":["https://acme.zerossl.com/v2/DV90/order/1x72BIGeExBa-IIS8BL2zA"],"Replay-Nonce":["dKttGwssa0gdA-ieW6VZckUJ18553gavctrVfAvdz5I"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15724800; includeSubDomains"]}, "status_code": 201}
2024/06/12 02:34:54.288 DEBUG   http.acme_client        http request    {"method": "POST", "url": "https://acme.zerossl.com/v2/DV90/authz/u2DkcfX9_FA4xTBiFYWZ1w", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.8.4 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=0, no-cache, no-store"],"Content-Length":["296"],"Content-Type":["application/json"],"Date":["Wed, 12 Jun 2024 02:34:54 GMT"],"Link":["<https://acme.zerossl.com/v2/DV90>;rel=\"index\""],"Replay-Nonce":["U9Z8iWLHhjNDAquq6IApZZ3ZKP05W0ajvBXwR4Hz50c"],"Retry-After":["5"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15724800; includeSubDomains"]}, "status_code": 200}
2024/06/12 02:34:54.289 DEBUG   http.acme_client        no solver configured    {"challenge_type": "dns-01"}
2024/06/12 02:34:59.433 DEBUG   http.acme_client        http request    {"method": "POST", "url": "https://acme.zerossl.com/v2/DV90/authz/u2DkcfX9_FA4xTBiFYWZ1w", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.8.4 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=0, no-cache, no-store"],"Content-Length":["140"],"Content-Type":["application/json"],"Date":["Wed, 12 Jun 2024 02:34:59 GMT"],"Link":["<https://acme.zerossl.com/v2/DV90>;rel=\"index\""],"Replay-Nonce":["FHAmj5TQbA7ycNyNl49AAwPQdNKki-bnO47YiWSNSss"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15724800; includeSubDomains"]}, "status_code": 200}
2024/06/12 02:34:59.434 ERROR   tls.obtain      could not get certificate from issuer   {"identifier": "*.acme.buct.cn", "issuer": "acme.zerossl.com-v2-DV90", "error": "[*.acme.buct.cn] solving challenges: *.acme.buct.cn: no solvers available for remaining challenges (configured=[http-01 tls-alpn-01] offered=[dns-01] remaining=[dns-01]) (order=https://acme.zerossl.com/v2/DV90/order/1x72BIGeExBa-IIS8BL2zA) (ca=https://acme.zerossl.com/v2/DV90)"}
2024/06/12 02:34:59.434 DEBUG   events  event   {"name": "cert_failed", "id": "356ebfdd-b398-4cde-9c67-ebb3ad10586d", "origin": "tls", "data": {"error":{},"identifier":"*.acme.buct.cn","issuers":["acme-v02.api.letsencrypt.org-directory","acme.zerossl.com-v2-DV90"],"renewal":false}}
2024/06/12 02:34:59.434 ERROR   tls.obtain      will retry      {"error": "[*.acme.buct.cn] Obtain: [*.acme.buct.cn] solving challenges: *.acme.buct.cn: no solvers available for remaining challenges (configured=[http-01 tls-alpn-01] offered=[dns-01] remaining=[dns-01]) (order=https://acme.zerossl.com/v2/DV90/order/1x72BIGeExBa-IIS8BL2zA) (ca=https://acme.zerossl.com/v2/DV90)", "attempt": 1, "retrying_in": 60, "elapsed": 16.8377171, "max_duration": 2592000}
2024/06/12 02:35:06.679 INFO    shutting down   {"signal": "SIGINT"}
2024/06/12 02:35:06.679 WARN    exiting; byeee!! 👋     {"signal": "SIGINT"}
2024/06/12 02:35:06.679 INFO    http    servers shutting down with eternal grace period
2024/06/12 02:35:06.679 INFO    tls.obtain      releasing lock  {"identifier": "*.acme.buct.cn"}
2024/06/12 02:35:06.680 ERROR   tls     job failed      {"error": "*.acme.buct.cn: obtaining certificate: context canceled"}
2024/06/12 02:35:06.680 INFO    admin   stopped previous server {"address": "localhost:2019"}
2024/06/12 02:35:06.680 INFO    shutdown complete       {"signal": "SIGINT", "exit_code": 0}

Logs when Caddyfile works (Due to avoid hit the rate limit, I have pause my primary domain cname resolve, but caddy did change TXT record at duckdns)

2024/06/12 03:14:45.204 INFO    using adjacent Caddyfile
2024/06/12 03:14:45.206 INFO    adapted config to JSON  {"adapter": "caddyfile"}
2024/06/12 03:14:45.221 INFO    admin   admin endpoint started  {"address": "localhost:2019", "enforce_origin": false, "origins": ["//localhost:2019", "//[::1]:2019", "//127.0.0.1:2019"]}
2024/06/12 03:14:45.221 INFO    tls.cache.maintenance   started background certificate maintenance      {"cache": "0xc000059c80"}
2024/06/12 03:14:45.221 INFO    http.auto_https server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS {"server_name": "srv0", "https_port": 443}
2024/06/12 03:14:45.221 INFO    http.auto_https enabling automatic HTTP->HTTPS redirects        {"server_name": "srv0"}
2024/06/12 03:14:45.221 DEBUG   http.auto_https adjusted config {"tls": {"automation":{"policies":[{}]}}, "http": {"servers":{"remaining_auto_https_redirects":{"listen":[":80"],"routes":[{},{}]},"srv0":{"listen":[":443"],"routes":[{"handle":[{"handler":"subroute","routes":[{"handle":[{"body":"Hello, World!","handler":"static_response"}]}]}],"terminal":true}],"tls_connection_policies":[{}],"automatic_https":{}}}}}
2024/06/12 03:14:45.222 INFO    http    enabling HTTP/3 listener        {"addr": ":443"}
2024/06/12 03:14:45.222 DEBUG   http    starting server loop    {"address": "[::]:443", "tls": true, "http3": true}
2024/06/12 03:14:45.222 INFO    http.log        server running  {"name": "srv0", "protocols": ["h1", "h2", "h3"]}
2024/06/12 03:14:45.222 DEBUG   http    starting server loop    {"address": "[::]:80", "tls": false, "http3": false}
2024/06/12 03:14:45.222 INFO    http.log        server running  {"name": "remaining_auto_https_redirects", "protocols": ["h1", "h2", "h3"]}
2024/06/12 03:14:45.222 INFO    http    enabling automatic TLS certificate management   {"domains": ["*.acme.buct.cn"]}
2024/06/12 03:14:45.223 INFO    autosaved config (load with --resume flag)      {"file": "C:\\Users\\nuc\\AppData\\Roaming\\Caddy\\autosave.json"}
2024/06/12 03:14:45.223 INFO    serving initial configuration
2024/06/12 03:14:45.223 INFO    tls.obtain      acquiring lock  {"identifier": "*.acme.buct.cn"}
2024/06/12 03:14:45.224 INFO    tls     storage cleaning happened too recently; skipping for now        {"storage": "FileStorage:C:\\Users\\nuc\\AppData\\Roaming\\Caddy", "instance": "104cadaa-b4b4-4995-b26e-2283129a8a02", "try_again": "2024/06/13 03:14:45.224", "try_again_in": 86400}
2024/06/12 03:14:45.224 INFO    tls     finished cleaning storage units
2024/06/12 03:14:45.225 INFO    tls.obtain      lock acquired   {"identifier": "*.acme.buct.cn"}
2024/06/12 03:14:45.226 INFO    tls.obtain      obtaining certificate   {"identifier": "*.acme.buct.cn"}
2024/06/12 03:14:45.226 DEBUG   events  event   {"name": "cert_obtaining", "id": "b76043ad-d744-4ce7-9235-6e9cab053cfc", "origin": "tls", "data": {"identifier":"*.acme.buct.cn"}}
2024/06/12 03:14:45.226 DEBUG   tls.obtain      trying issuer 1/2       {"issuer": "acme-v02.api.letsencrypt.org-directory"}
2024/06/12 03:14:45.227 INFO    http    waiting on internal rate limiter        {"identifiers": ["*.acme.buct.cn"], "ca": "https://acme-v02.api.letsencrypt.org/directory", "account": ""}
2024/06/12 03:14:45.227 INFO    http    done waiting on internal rate limiter   {"identifiers": ["*.acme.buct.cn"], "ca": "https://acme-v02.api.letsencrypt.org/directory", "account": ""}
2024/06/12 03:14:45.227 INFO    http    using ACME account      {"account_id": "https://acme-v02.api.letsencrypt.org/acme/acct/1777234367", "account_contact": []}
2024/06/12 03:14:45.922 DEBUG   http.acme_client        http request    {"method": "GET", "url": "https://acme-v02.api.letsencrypt.org/directory", "headers": {"User-Agent":["Caddy/2.8.4 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["746"],"Content-Type":["application/json"],"Date":["Wed, 12 Jun 2024 03:14:45 GMT"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}, "status_code": 200}
2024/06/12 03:14:45.922 DEBUG   http.acme_client        creating order  {"account": "https://acme-v02.api.letsencrypt.org/acme/acct/1777234367", "identifiers": ["*.acme.buct.cn"]}
2024/06/12 03:14:46.144 DEBUG   http.acme_client        http request    {"method": "HEAD", "url": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "headers": {"User-Agent":["Caddy/2.8.4 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Cache-Control":["public, max-age=0, no-cache"],"Date":["Wed, 12 Jun 2024 03:14:45 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["Df5PeVqQCLXkO0GdPminMAfRuoRPPuUInOQ-2jF4fjQ9ZNg_Z0I"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}, "status_code": 200}
2024/06/12 03:14:46.498 DEBUG   http.acme_client        http request    {"method": "POST", "url": "https://acme-v02.api.letsencrypt.org/acme/new-order", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.8.4 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Boulder-Requester":["1777234367"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["340"],"Content-Type":["application/json"],"Date":["Wed, 12 Jun 2024 03:14:46 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Location":["https://acme-v02.api.letsencrypt.org/acme/order/1777234367/277604676197"],"Replay-Nonce":["RczC3CZ0mGp_H0rbCiAnwpVc0ro7u5LvYQPdB_2b0qFAGrkA5MM"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}, "status_code": 201}
2024/06/12 03:14:46.730 DEBUG   http.acme_client        http request    {"method": "POST", "url": "https://acme-v02.api.letsencrypt.org/acme/authz-v3/362811455447", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.8.4 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Boulder-Requester":["1777234367"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["386"],"Content-Type":["application/json"],"Date":["Wed, 12 Jun 2024 03:14:46 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["Df5PeVqQZMubTEdIxaEaCQkbe3DraxWCdgfDdoMJmHlnf3MK_cw"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}, "status_code": 200}
2024/06/12 03:14:46.730 INFO    http.acme_client        trying to solve challenge       {"identifier": "*.acme.buct.cn", "challenge_type": "dns-01", "ca": "https://acme-v02.api.letsencrypt.org/directory"}
2024/06/12 03:14:48.337 DEBUG   http.acme_client        waiting for solver before continuing    {"identifier": "*.acme.buct.cn", "challenge_type": "dns-01"}
2024/06/12 03:14:56.870 DEBUG   http.acme_client        done waiting for solver {"identifier": "*.acme.buct.cn", "challenge_type": "dns-01"}
2024/06/12 03:14:57.110 DEBUG   http.acme_client        http request    {"method": "POST", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/362811455447/s0UJkw", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.8.4 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Boulder-Requester":["1777234367"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["186"],"Content-Type":["application/json"],"Date":["Wed, 12 Jun 2024 03:14:56 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\"","<https://acme-v02.api.letsencrypt.org/acme/authz-v3/362811455447>;rel=\"up\""],"Location":["https://acme-v02.api.letsencrypt.org/acme/chall-v3/362811455447/s0UJkw"],"Replay-Nonce":["Df5PeVqQOAXjsfBzfAq78ezuvUwlyI33uE4gPzRKyZu-z1nEtYc"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}, "status_code": 200}
2024/06/12 03:14:57.111 DEBUG   http.acme_client        challenge accepted      {"identifier": "*.acme.buct.cn", "challenge_type": "dns-01"}
2024/06/12 03:14:57.590 DEBUG   http.acme_client        http request    {"method": "POST", "url": "https://acme-v02.api.letsencrypt.org/acme/authz-v3/362811455447", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.8.4 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Boulder-Requester":["1777234367"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["386"],"Content-Type":["application/json"],"Date":["Wed, 12 Jun 2024 03:14:57 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["RczC3CZ0SToioAzdLDGTloAJPqHjX5zLtku1B28OdhSLrezCfIE"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}, "status_code": 200}
2024/06/12 03:14:58.069 DEBUG   http.acme_client        http request    {"method": "POST", "url": "https://acme-v02.api.letsencrypt.org/acme/authz-v3/362811455447", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.8.4 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Boulder-Requester":["1777234367"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["386"],"Content-Type":["application/json"],"Date":["Wed, 12 Jun 2024 03:14:57 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["RczC3CZ0YCXgaGlqNjK1LpbEE7NisW7u6IxYJr0Twz0XbPxw5To"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}, "status_code": 200}
2024/06/12 03:14:58.551 DEBUG   http.acme_client        http request    {"method": "POST", "url": "https://acme-v02.api.letsencrypt.org/acme/authz-v3/362811455447", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.8.4 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Boulder-Requester":["1777234367"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["386"],"Content-Type":["application/json"],"Date":["Wed, 12 Jun 2024 03:14:58 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["Df5PeVqQGGIo8jL-nHygC4hiAIud52yvvNuek2QHutS-C_muIrM"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}, "status_code": 200}
2024/06/12 03:14:59.030 DEBUG   http.acme_client        http request    {"method": "POST", "url": "https://acme-v02.api.letsencrypt.org/acme/authz-v3/362811455447", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.8.4 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Boulder-Requester":["1777234367"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["386"],"Content-Type":["application/json"],"Date":["Wed, 12 Jun 2024 03:14:58 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["RczC3CZ0RvoFOecN18rE1gwuUgz8SyACUnV4Ev9tgTLXPLff4Co"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}, "status_code": 200}
2024/06/12 03:14:59.516 DEBUG   http.acme_client        http request    {"method": "POST", "url": "https://acme-v02.api.letsencrypt.org/acme/authz-v3/362811455447", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.8.4 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Boulder-Requester":["1777234367"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["386"],"Content-Type":["application/json"],"Date":["Wed, 12 Jun 2024 03:14:59 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["Df5PeVqQvJVF5fQ4HJuoXbZzi0o-JyVUB6ipg1-nvukT87dIEBQ"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}, "status_code": 200}
2024/06/12 03:14:59.997 DEBUG   http.acme_client        http request    {"method": "POST", "url": "https://acme-v02.api.letsencrypt.org/acme/authz-v3/362811455447", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.8.4 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Boulder-Requester":["1777234367"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["386"],"Content-Type":["application/json"],"Date":["Wed, 12 Jun 2024 03:14:59 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["Df5PeVqQofc8RezwvnC0wunPXAe7DC569YK7SNz5d1kpQIjxX9E"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}, "status_code": 200}
2024/06/12 03:15:00.482 DEBUG   http.acme_client        http request    {"method": "POST", "url": "https://acme-v02.api.letsencrypt.org/acme/authz-v3/362811455447", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.8.4 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Boulder-Requester":["1777234367"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["667"],"Content-Type":["application/json"],"Date":["Wed, 12 Jun 2024 03:15:00 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["RczC3CZ0RvcXToExnuIK8ub7YYlRGdO-8iT-D_fB20WK6CYbEnU"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]}, "status_code": 200}
2024/06/12 03:15:00.758 ERROR   http.acme_client        challenge failed        {"identifier": "*.acme.buct.cn", "challenge_type": "dns-01", "problem": {"type": "urn:ietf:params:acme:error:dns", "title": "", "detail": "DNS problem: NXDOMAIN looking up TXT for _acme-challenge.acme.buct.cn - check that a DNS record exists for this domain", "instance": "", "subproblems": []}}
2024/06/12 03:15:00.758 ERROR   http.acme_client        validating authorization        {"identifier": "*.acme.buct.cn", "problem": {"type": "urn:ietf:params:acme:error:dns", "title": "", "detail": "DNS problem: NXDOMAIN looking up TXT for _acme-challenge.acme.buct.cn - check that a DNS record exists for this domain", "instance": "", "subproblems": []}, "order": "https://acme-v02.api.letsencrypt.org/acme/order/1777234367/277604676197", "attempt": 1, "max_attempts": 3}
2024/06/12 03:15:00.758 ERROR   tls.obtain      could not get certificate from issuer   {"identifier": "*.acme.buct.cn", "issuer": "acme-v02.api.letsencrypt.org-directory", "error": "HTTP 400 urn:ietf:params:acme:error:dns - DNS problem: NXDOMAIN looking up TXT for _acme-challenge.acme.buct.cn - check that a DNS record exists for this domain"}
2024/06/12 03:15:00.758 DEBUG   tls.obtain      trying issuer 2/2       {"issuer": "acme.zerossl.com-v2-DV90"}
2024/06/12 03:15:00.760 INFO    http    waiting on internal rate limiter        {"identifiers": ["*.acme.buct.cn"], "ca": "https://acme.zerossl.com/v2/DV90", "account": ""}
2024/06/12 03:15:00.760 INFO    http    done waiting on internal rate limiter   {"identifiers": ["*.acme.buct.cn"], "ca": "https://acme.zerossl.com/v2/DV90", "account": ""}
2024/06/12 03:15:00.760 INFO    http    using ACME account      {"account_id": "https://acme.zerossl.com/v2/DV90/account/veDQUOv1cDtuRz_D6U65sw", "account_contact": []}
2024/06/12 03:15:01.821 DEBUG   http.acme_client        http request    {"method": "GET", "url": "https://acme.zerossl.com/v2/DV90", "headers": {"User-Agent":["Caddy/2.8.4 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Access-Control-Allow-Origin":["*"],"Content-Length":["645"],"Content-Type":["application/json"],"Date":["Wed, 12 Jun 2024 03:15:01 GMT"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15724800; includeSubDomains"]}, "status_code": 200}
2024/06/12 03:15:01.821 DEBUG   http.acme_client        creating order  {"account": "https://acme.zerossl.com/v2/DV90/account/veDQUOv1cDtuRz_D6U65sw", "identifiers": ["*.acme.buct.cn"]}
2024/06/12 03:15:02.167 DEBUG   http.acme_client        http request    {"method": "HEAD", "url": "https://acme.zerossl.com/v2/DV90/newNonce", "headers": {"User-Agent":["Caddy/2.8.4 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=0, no-cache, no-store"],"Content-Type":["application/octet-stream"],"Date":["Wed, 12 Jun 2024 03:15:01 GMT"],"Link":["<https://acme.zerossl.com/v2/DV90>;rel=\"index\""],"Replay-Nonce":["fOSMEIEfa9lPxbtBt0I054gq4yGPYkDWFhvqaV8A_hE"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15724800; includeSubDomains"]}, "status_code": 200}
2024/06/12 03:15:02.701 DEBUG   http.acme_client        http request    {"method": "POST", "url": "https://acme.zerossl.com/v2/DV90/newOrder", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.8.4 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=0, no-cache, no-store"],"Content-Length":["276"],"Content-Type":["application/json"],"Date":["Wed, 12 Jun 2024 03:15:02 GMT"],"Location":["https://acme.zerossl.com/v2/DV90/order/czoUQn2m12us-hyooSgqXg"],"Replay-Nonce":["xdKfqUvRs1UDwil5KxZdx58x9xeUwaY8ZCPzfBZE37M"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15724800; includeSubDomains"]}, "status_code": 201}
2024/06/12 03:15:12.570 DEBUG   http.acme_client        http request    {"method": "POST", "url": "https://acme.zerossl.com/v2/DV90/authz/P-JFzUKTHTE5IelPqYcNEQ", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.8.4 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=0, no-cache, no-store"],"Content-Length":["296"],"Content-Type":["application/json"],"Date":["Wed, 12 Jun 2024 03:15:12 GMT"],"Link":["<https://acme.zerossl.com/v2/DV90>;rel=\"index\""],"Replay-Nonce":["lqkaNIM-hP-hSfk7EKT4yvtuBn-kzO-E5ML_jcsnqN0"],"Retry-After":["5"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15724800; includeSubDomains"]}, "status_code": 200}
2024/06/12 03:15:12.571 INFO    http.acme_client        trying to solve challenge       {"identifier": "*.acme.buct.cn", "challenge_type": "dns-01", "ca": "https://acme.zerossl.com/v2/DV90"}
2024/06/12 03:15:56.695 DEBUG   http.acme_client        done waiting for solverr{"identifier": "*.acme.buct.cn", "challenge_type": "dns-01"}type": "dns-01"}
2024/06/12 03:16:10.692 DEBUG   http.acme_client        http request    {"method": "POST", "url": "https://acme.zerossl.com/v2/DV90/chall/Y_BbtzkY61t9Kbt853IEQw", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.8.4 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=0, no-cache, no-store"],"Content-Length":["163"],"Content-Type":["application/json"],"Date":["Wed, 12 Jun 2024 03:16:10 GMT"],"Link":["<https://acme.zerossl.com/v2/DV90/authz/P-JFzUKTHTE5IelPqYcNEQ>;rel=\"up\""],"Replay-Nonce":["QJKwIjdtYJ2vO-xvaeEmNK0XkwihIgEt-JAo6rQBBdE"],"Retry-After":["10"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15724800; includeSubDomains"]}, "status_code": 200}
2024/06/12 03:16:10.692 DEBUG   http.acme_client        challenge accepted      {"identifier": "*.acme.buct.cn", "challenge_type": "dns-01"}
2024/06/12 03:16:21.742 DEBUG   http.acme_client        http request    {"method": "POST", "url": "https://acme.zerossl.com/v2/DV90/authz/P-JFzUKTHTE5IelPqYcNEQ", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.8.4 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=0, no-cache, no-store"],"Content-Length":["299"],"Content-Type":["application/json"],"Date":["Wed, 12 Jun 2024 03:16:21 GMT"],"Link":["<https://acme.zerossl.com/v2/DV90>;rel=\"index\""],"Replay-Nonce":["S9hi3iT2w_kbK9zwptYOOK3H-A_0oyxnqTlShc6cg7A"],"Retry-After":["5"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15724800; includeSubDomains"]}, "status_code": 200}
2024/06/12 03:16:35.328 DEBUG   http.acme_client        http request    {"method": "POST", "url": "https://acme.zerossl.com/v2/DV90/authz/P-JFzUKTHTE5IelPqYcNEQ", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.8.4 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=0, no-cache, no-store"],"Content-Length":["299"],"Content-Type":["application/json"],"Date":["Wed, 12 Jun 2024 03:16:35 GMT"],"Link":["<https://acme.zerossl.com/v2/DV90>;rel=\"index\""],"Replay-Nonce":["LSi4bJangk7kMPhq_H-IasfvpJUZ7ipX9Hm7VfrboqY"],"Retry-After":["5"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15724800; includeSubDomains"]}, "status_code": 200}
2024/06/12 03:16:40.695 DEBUG   http.acme_client        http request    {"method": "POST", "url": "https://acme.zerossl.com/v2/DV90/authz/P-JFzUKTHTE5IelPqYcNEQ", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.8.4 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=0, no-cache, no-store"],"Content-Length":["299"],"Content-Type":["application/json"],"Date":["Wed, 12 Jun 2024 03:16:40 GMT"],"Link":["<https://acme.zerossl.com/v2/DV90>;rel=\"index\""],"Replay-Nonce":["hxak3i8qao_cyfvDmLblJ4CDkWjCtb1hcboDbbL71f4"],"Retry-After":["5"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15724800; includeSubDomains"]}, "status_code": 200}
2024/06/12 03:16:56.108 DEBUG   http.acme_client        http request    {"method": "POST", "url": "https://acme.zerossl.com/v2/DV90/authz/P-JFzUKTHTE5IelPqYcNEQ", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.8.4 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=0, no-cache, no-store"],"Content-Length":["299"],"Content-Type":["application/json"],"Date":["Wed, 12 Jun 2024 03:16:55 GMT"],"Link":["<https://acme.zerossl.com/v2/DV90>;rel=\"index\""],"Replay-Nonce":["il-f2sNmJUeiMdiDPgJXh6vb40iv034VTRTnCRC5oOA"],"Retry-After":["5"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15724800; includeSubDomains"]}, "status_code": 200}
2024/06/12 03:17:13.029 DEBUG   http.acme_client        http request    {"method": "POST", "url": "https://acme.zerossl.com/v2/DV90/authz/P-JFzUKTHTE5IelPqYcNEQ", "headers": {"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.8.4 CertMagic acmez (windows; amd64)"]}, "response_headers": {"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=0, no-cache, no-store"],"Content-Length":["299"],"Content-Type":["application/json"],"Date":["Wed, 12 Jun 2024 03:17:12 GMT"],"Link":["<https://acme.zerossl.com/v2/DV90>;rel=\"index\""],"Replay-Nonce":["wGF6aeeo5sTIADv2ibW6IfLI4cbO_2M99TfroWypABE"],"Retry-After":["86400"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15724800; includeSubDomains"]}, "status_code": 200}
2024/06/12 03:17:16.743 INFO    shutting down   {"signal": "SIGINT"}
2024/06/12 03:17:16.743 WARN    exiting; byeee!! 👋     {"signal": "SIGINT"}
2024/06/12 03:17:16.743 INFO    http    servers shutting down with eternal grace period
2024/06/12 03:17:16.744 INFO    admin   stopped previous server {"address": "localhost:2019"}
2024/06/12 03:17:16.744 INFO    shutdown complete       {"signal": "SIGINT", "exit_code": 0}
francislavoie commented 2 weeks ago

That's working as intended. If you specify the issuers directly then you must put your config inside the issuer. The most specific config wins.

mholt commented 2 weeks ago

And this can probably be seen with caddy adapt --pretty (though I haven't run it through myself yet). Caddyfile isn't like CSS (it doesn't cascade).