Reputation: 31
I'm trying to get an SSL certificate for my Dokku app, but I keep getting the following error:
=====> Enabling letsencrypt for personal-app
-----> Enabling ACME proxy for personal-app...
-----> Setting temporary site
Job for nginx.service failed.
See "systemctl status nginx.service" and "journalctl -xe" for details.
-----> Getting letsencrypt certificate for personal-app via HTTP-01
- Domain 'app.[my-domain].ch'
2024/02/11 14:59:15 [INFO] [app.[my-domain].ch] acme: Obtaining bundled SAN certificate
2024/02/11 14:59:16 [INFO] [app.[my-domain].ch] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/314082842777
2024/02/11 14:59:16 [INFO] [app.[my-domain].ch] acme: Could not find solver for: tls-alpn-01
2024/02/11 14:59:16 [INFO] [app.[my-domain].ch] acme: use http-01 solver
2024/02/11 14:59:16 [INFO] [app.[my-domain].ch] acme: Trying to solve HTTP-01
2024/02/11 14:59:19 [INFO] Deactivating auth: https://acme-v02.api.letsencrypt.org/acme/authz-v3/314082842777
2024/02/11 14:59:19 Could not obtain certificates:
error: one or more domains had a problem:
[app.[my-domain].ch] acme: error: 403 :: urn:ietf:params:acme:error:unauthorized :: 142.132.187.148: Invalid response from http://app.[my-domain].ch/.well-known/acme-challenge/VTYxIcvj1BHEXzQKaTF67Sp8GPYemQqQSNubW-VMKnk: 404
-----> Certificate retrieval failed!
-----> Disabling ACME proxy for personal-app...
! Failed to setup letsencrypt
! Check log output for further information on failure
I double-checked that I have a correct A record in the DNS config of my domain. I can reach the server via SSH or HTTP through the domain. (With HTTP it just shows the "Welcome to nginx" page.)
Log of 'systemctl status nginx.service':
● nginx.service - A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
Active: active (running) since Sun 2024-02-11 14:50:16 UTC; 50min ago
Docs: man:nginx(8)
Process: 39421 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
Process: 39442 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
Process: 47531 ExecReload=/usr/sbin/nginx -g daemon on; master_process on; -s reload (code=exited, status=0/SUCCESS)
Main PID: 39451 (nginx)
Tasks: 2 (limit: 2261)
Memory: 4.6M
CGroup: /system.slice/nginx.service
├─39451 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
└─47532 nginx: worker process
Feb 11 15:16:06 personal1-1core1gb systemd[1]: Reloading A high performance web server and a reverse proxy server.
Feb 11 15:16:06 personal1-1core1gb systemd[1]: Reloaded A high performance web server and a reverse proxy server.
Feb 11 15:18:58 personal1-1core1gb systemd[1]: Reloading A high performance web server and a reverse proxy server.
Feb 11 15:18:58 personal1-1core1gb systemd[1]: Reloaded A high performance web server and a reverse proxy server.
Feb 11 15:18:58 personal1-1core1gb systemd[1]: Reloading A high performance web server and a reverse proxy server.
Feb 11 15:18:58 personal1-1core1gb nginx[47100]: nginx: [emerg] invalid number of arguments in "access_log" directive in /home/dokku/personal-app/nginx.con>
Feb 11 15:18:58 personal1-1core1gb systemd[1]: nginx.service: Control process exited, code=exited, status=1/FAILURE
Feb 11 15:18:58 personal1-1core1gb systemd[1]: Reload failed for A high performance web server and a reverse proxy server.
Feb 11 15:19:00 personal1-1core1gb systemd[1]: Reloading A high performance web server and a reverse proxy server.
Feb 11 15:19:00 personal1-1core1gb systemd[1]: Reloaded A high performance web server and a reverse proxy server.
Log of 'journalctl -xe':
-- A start job for unit dokku-retire.service has begun execution.
--
-- The job identifier is 3677.
Feb 11 15:35:40 personal1-1core1gb dokku[48365]: -----> Retiring old containers and images
Feb 11 15:35:40 personal1-1core1gb systemd[1]: dokku-retire.service: Succeeded.
-- Subject: Unit succeeded
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- The unit dokku-retire.service has successfully entered the 'dead' state.
Feb 11 15:35:40 personal1-1core1gb systemd[1]: Finished Dokku retire service.
-- Subject: A start job for unit dokku-retire.service has finished successfully
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- A start job for unit dokku-retire.service has finished successfully.
--
-- The job identifier is 3677.
Feb 11 15:37:52 personal1-1core1gb sshd[48598]: Invalid user public_django_project from 68.183.148.142 port 33464
Feb 11 15:37:52 personal1-1core1gb sshd[48598]: pam_unix(sshd:auth): check pass; user unknown
Feb 11 15:37:52 personal1-1core1gb sshd[48598]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.148.142
Feb 11 15:37:54 personal1-1core1gb sshd[48598]: Failed password for invalid user public_django_project from 68.183.148.142 port 33464 ssh2
Feb 11 15:37:55 personal1-1core1gb sshd[48598]: Connection closed by invalid user public_django_project 68.183.148.142 port 33464 [preauth]
Feb 11 15:40:49 personal1-1core1gb systemd[1]: Starting Dokku retire service...
-- Subject: A start job for unit dokku-retire.service has begun execution
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- A start job for unit dokku-retire.service has begun execution.
--
-- The job identifier is 3765.
Feb 11 15:40:49 personal1-1core1gb dokku[48629]: -----> Retiring old containers and images
Feb 11 15:40:49 personal1-1core1gb systemd[1]: dokku-retire.service: Succeeded.
-- Subject: Unit succeeded
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- The unit dokku-retire.service has successfully entered the 'dead' state.
Feb 11 15:40:49 personal1-1core1gb systemd[1]: Finished Dokku retire service.
-- Subject: A start job for unit dokku-retire.service has finished successfully
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- A start job for unit dokku-retire.service has finished successfully.
--
-- The job identifier is 3765.
I checked the firewall configuration and made sure the server allows connections on port 80 (telnet app.mydomain.ch 80).
I also completely rebuilt the server and precisely followed the instructions in the Dokku documentation (https://dokku.com/docs/deployment/application-deployment/).
Upvotes: 1
Views: 274
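A log triage example for the output above, added here and not part of the original post: it pulls the ACME validation error and any nginx config-load failures out of the pasted logs so the two can be read side by side. The function names `triage` and `summarize` are hypothetical, the sample lines are copied from the question, and linking the 404 to the failed nginx reload is a working assumption to verify, not a confirmed diagnosis.

```python
import re

# Sample lines copied from the output in the question above (file path cut off as posted).
SAMPLE = """\
Job for nginx.service failed.
2024/02/11 14:59:16 [INFO] [app.[my-domain].ch] acme: Trying to solve HTTP-01
[app.[my-domain].ch] acme: error: 403 :: urn:ietf:params:acme:error:unauthorized :: 142.132.187.148: Invalid response from http://app.[my-domain].ch/.well-known/acme-challenge/VTYxIcvj1BHEXzQKaTF67Sp8GPYemQqQSNubW-VMKnk: 404
Feb 11 15:18:58 personal1-1core1gb nginx[47100]: nginx: [emerg] invalid number of arguments in "access_log" directive in /home/dokku/personal-app/nginx.con>
Feb 11 15:18:58 personal1-1core1gb systemd[1]: Reload failed for A high performance web server and a reverse proxy server.
"""

ACME_ERR = re.compile(
    r"acme: error: (?P<status>\d{3}) :: urn:ietf:params:acme:error:(?P<type>\w+) :: "
    r"(?P<ip>[0-9a-fA-F.:]+): Invalid response from (?P<url>\S+): (?P<http>\d{3})")
NGINX_EMERG = re.compile(
    r'nginx: \[emerg\] (?P<msg>.+?) in "(?P<directive>[^"]+)" directive in (?P<file>\S+)')
RELOAD_FAIL = re.compile(r"Job for nginx\.service failed|Reload failed for|Control process exited")

def triage(text):
    """Collect ACME validation errors, nginx config errors and reload failures."""
    findings = {"acme": [], "nginx_emerg": [], "reload_failures": 0}
    for line in text.splitlines():
        if (m := ACME_ERR.search(line)):
            findings["acme"].append(m.groupdict())
        elif (m := NGINX_EMERG.search(line)):
            d = m.groupdict()
            # journalctl's pager marks a cut-off line with a trailing '>'
            d["truncated"] = d["file"].endswith(">")
            d["file"] = d["file"].rstrip(">")
            findings["nginx_emerg"].append(d)
        elif RELOAD_FAIL.search(line):
            findings["reload_failures"] += 1
    return findings

def summarize(f):
    notes = []
    for e in f["acme"]:
        notes.append(f"HTTP-01 check got HTTP {e['http']} from {e['ip']} ({e['type']})")
    for e in f["nginx_emerg"]:
        cut = " (path truncated in log)" if e["truncated"] else ""
        notes.append(f"nginx rejected config: {e['msg']} in {e['directive']}, file {e['file']}{cut}")
    if f["acme"] and (f["nginx_emerg"] or f["reload_failures"]):
        notes.append("nginx failed to load config around the attempt; verify with 'nginx -t' "
                     "that the challenge site is actually being served")
    return notes

if __name__ == "__main__":
    for note in summarize(triage(SAMPLE)):
        print(note)
```

Because the journal line is cut off at the pager width, re-running `journalctl` with `--no-pager` gives the full path of the file nginx rejected.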