Open the-bort-the opened 3 hours ago
That error is that Caddy is trying to get a TLS cert for your domain using the ACME HTTP challenge, which requires port 80 to be open and forwarded. Let's Encrypt is not able to connect to your server, so something with your networking setup is not correct.
I am running OpenWRT on my modem/router and I know this might be out of scope for here, but I exposed 80 and 443 and believe the issue still persists:
/etc/config/firewall:
```
config redirect
    option name 'HTTP-Forward'
    option src 'wan'
    option src_dport '80'
    option dest 'lan'
    option dest_ip '192.x.x.x'
    option dest_port '80'
    option target 'lan'
    option proto 'tcp'
    option enabled '1'

config redirect
    option name 'HTTPS-Forward'
    option src 'wan'
    option src_dport '443'
    option dest 'lan'
    option dest_ip '192.x.x.x'
    option dest_port '443'
    option target 'lan'
    option proto 'tcp'
    option enabled '1'
```
Then heading to https://letsdebug.net/, I'm seeing these errors. Seeing the error regarding no record is confusing as I have the A record being created by the dynamic dns plugin being created as part of the dockerfile.
[IssueFromLetsEncrypt](https://letsdebug.net/itsacomputer.com/2284460#IssueFromLetsEncrypt-Error)
Error
A test authorization for itsacomputer.com to the Let's Encrypt staging service has revealed issues that may prevent any certificate for this domain being issued.
no valid A records found for itsacomputer.com; no valid AAAA records found for itsacomputer.com
[NoRecords](https://letsdebug.net/itsacomputer.com/2284463#NoRecords-Fatal)
Fatal
No valid A or AAAA records could be ultimately resolved for itsacomputer.com. This means that Let's Encrypt would not be able to connect to your domain to perform HTTP validation, since it would not know where to connect to.
No A or AAAA records found.
Crossposting from the Caddy community forum to see if this could be a true bug or not. I’m trying to complete the setup and configuration of caddy-docker-proxy I found here. I have used the exact same docker-compose.yml and Dockerfile.
I have used my own domain in place of course. The caddy container is running, updating my A record within Cloudflare, but ultimately shows a few errors as seen in the title of the post with more presented below.
I have used their Caddyfile as mine as well. Lastly I have implemented the adguard container as shown in the same github repo.
Basically I want to use my domain and caddy-docker-proxy to get a certificate for any other applications that are started using a docker-compose.yml (adguard, pihole, jellyfin, etc.)
error from logs:
```
{"level":"error","ts":1731613001.0729275,"logger":"tls.issuance.acme.acme_client","msg":"challenge failed","identifier":"adguard.itsacomputer.com","challenge_type":"http-01","problem":{"type":"urn:ietf:params:acme:error:connection","title":"","detail":"REDACTED PUBLIC IP: Fetching http://adguard.itsacomputer.com/.well-known/acme-challenge/wWj13Yl89YUWhJkKn_qyQiahgTXiSM5ukmfJuzLR7JQ: Connection refused","instance":"","subproblems":[]}}
{"level":"error","ts":1731613001.0730493,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"adguard.itsacomputer.com","issuer":"acme-v02.api.letsencrypt.org-directory","error":"HTTP 400 urn:ietf:params:acme:error:connection - REDACTED PUBLIC IP: Fetching http://adguard.itsacomputer.com/.well-known/acme-challenge/wWj13Yl89YUWhJkKn_qyQiahgTXiSM5ukmfJuzLR7JQ: Connection refused"}
```
caddyfile:
dockerfile:
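An added example, not part of the original post or of Caddy: a small triage script that reads Caddy JSON log text like the lines above (including several objects run together on one line), pulls out each failed ACME challenge, and maps the RFC 8555 error type to the first thing to verify. The sample log, the `example.com` names, the `TOKEN` placeholder and the hint wording are constructed for illustration.

```python
import json

PREFIX = "urn:ietf:params:acme:error:"
# RFC 8555 section 6.7 error types; the hint text is this example's own wording.
ACME_HINTS = {
    "connection": "CA could not reach the host: check that port 80 is forwarded to Caddy",
    "dns": "CA's DNS lookup failed: check the A/AAAA records for the identifier",
    "unauthorized": "challenge response did not match: check what answers on port 80",
}
# Constructed sample: two objects on one line, a non-JSON line, then a DNS failure.
SAMPLE = (
    '{"level":"error","msg":"challenge failed","identifier":"app.example.com","challenge_type":"http-01","problem":{"type":"urn:ietf:params:acme:error:connection","detail":"203.0.113.10: Fetching http://app.example.com/.well-known/acme-challenge/TOKEN: Connection refused"}} '
    '{"level":"error","logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"app.example.com"}\n'
    'plain text line {not json}\n'
    '{"level":"error","msg":"challenge failed","identifier":"example.com","challenge_type":"http-01","problem":{"type":"urn:ietf:params:acme:error:dns","detail":"no valid A records found"}}\n'
)

def iter_json_objects(text):
    """Yield every top-level JSON object in text, even when objects share a line."""
    decoder = json.JSONDecoder()
    pos = text.find("{")
    while pos != -1:
        try:
            obj, end = decoder.raw_decode(text, pos)
        except json.JSONDecodeError:
            end = pos + 1  # not valid JSON here; resume at the next brace
        else:
            yield obj
        pos = text.find("{", end)

def triage(log_text):
    """Return one finding per 'challenge failed' entry in Caddy JSON log text."""
    findings = []
    for entry in iter_json_objects(log_text):
        problem = entry.get("problem")
        if entry.get("msg") != "challenge failed" or not isinstance(problem, dict):
            continue
        kind = problem.get("type", "").removeprefix(PREFIX)
        findings.append({
            "identifier": entry.get("identifier"),
            "challenge": entry.get("challenge_type"),
            "error": kind,
            "hint": ACME_HINTS.get(kind, "see RFC 8555 section 6.7"),
        })
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```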