Unable to obtain ACME certificate for domains
2020-12-28
Categories: DevOps
Lets Encrypt tells me that my domain contains an invalid character. What is it?
remark42
is configured like this:
1 remark42: 2 image: umputun/remark42:arm64 3 container_name: "remark42" 4 restart: always 5 labels: 6 - traefik.enable=true 7 - traefik.http.routers.remark42.rule=Host(`${REMARK_URL}`) 8 - traefik.http.routers.remark42.entrypoints=https 9 - traefik.http.routers.remark42.tls.certresolver=le 10 - traefik.http.services.remark42.loadbalancer.server.port=8080
Running docker-compose up -d remark42
, and I saw the following error in the traefik
logs:
1time="2020-12-28T02:42:29Z" level=error msg="Unable to obtain ACME certificate for domains \"https://remark42.domain.com\": 2unable to generate a certificate for the domains [https://remark42.domain.com]: 3acme: error: 400 :: POST :: https://acme-v02.api.letsencrypt.org/acme/new-order :: urn:ietf:params:acme:error:rejectedIdentifier :: 4Error creating new order :: Cannot issue for \"https://remark42.domain.com\": Domain name contains an invalid character, 5url: " providerName=le.acme routerName=remark42@docker rule="Host(`https://remark42.domain.com`)"
What’s going on? What character is invalid?
Looked at that error more closely, I figured out that the culprit is https://
. Host
rule should only contains the domain:
- https://doc.traefik.io/traefik/https/acme/
- https://doc.traefik.io/traefik/routing/routers/#rule
- https://doc.traefik.io/traefik/user-guides/docker-compose/acme-tls/
Tags: traefik letsencrypt
Related Posts:
- Let's Encrypt too many certificates already issued
- Docker rootless keeps restarting?
- gocloud - writing data to a bucket: 403
- Terraform failed to acquire state lock: 403: Access denied., forbidden
- Docker Compose healthcheck