"Life is all about sharing. If we are good at something, pass it on." - Mary Berry

Unable to obtain ACME certificate for domains

visitor badge

2020-12-28

Categories: DevOps

Lets Encrypt tells me that my domain contains an invalid character. What is it?

remark42 is configured like this:

 1  remark42:
 2    image: umputun/remark42:arm64
 3    container_name: "remark42"
 4    restart: always
 5    labels:
 6      - traefik.enable=true
 7      - traefik.http.routers.remark42.rule=Host(`${REMARK_URL}`)
 8      - traefik.http.routers.remark42.entrypoints=https
 9      - traefik.http.routers.remark42.tls.certresolver=le
10      - traefik.http.services.remark42.loadbalancer.server.port=8080

Running docker-compose up -d remark42, and I saw the following error in the traefik logs:

1time="2020-12-28T02:42:29Z" level=error msg="Unable to obtain ACME certificate for domains \"https://remark42.domain.com\": 
2unable to generate a certificate for the domains [https://remark42.domain.com]: 
3acme: error: 400 :: POST :: https://acme-v02.api.letsencrypt.org/acme/new-order :: urn:ietf:params:acme:error:rejectedIdentifier :: 
4Error creating new order :: Cannot issue for \"https://remark42.domain.com\": Domain name contains an invalid character, 
5url: " providerName=le.acme routerName=remark42@docker rule="Host(`https://remark42.domain.com`)"

What’s going on? What character is invalid?

Looked at that error more closely, I figured out that the culprit is https://. Host rule should only contains the domain:

Tags: traefik letsencrypt

Edit on GitHub

Related Posts: