Last active
May 17, 2020 17:32
-
-
Save McFateM/dd5e7b016ccfd3d71b91f5c8602c3f33 to your computer and use it in GitHub Desktop.
DGDocker3 Test 1 Log - HTTP-01 Challenge with LE Staging
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| c729c0d0fa2925d13381efd22fad4ce0ef8c3f8866ee6958bff4a429a08d3a4d | |
| Pulling traefik (traefik:2.2.1)... | |
| 2.2.1: Pulling from library/traefik | |
| cbdbe7a5bc2a: Pull complete | |
| f16506d32a25: Pull complete | |
| 2be216d464d0: Pull complete | |
| aed51f08b610: Pull complete | |
| Digest: sha256:ad4442a6f88cf35266542588f13ae9984aa058a55a518a87876e48c160d19ee0 | |
| Status: Downloaded newer image for traefik:2.2.1 | |
| Creating traefik ... done | |
| Attaching to traefik | |
| traefik | time="2020-05-17T13:09:13-04:00" level=info msg="Configuration loaded from file: /traefik.yml" | |
| Creating network "watchtower_default" with the default driver | |
| Pulling watchtower (containrrr/watchtower:)... | |
| latest: Pulling from containrrr/watchtower | |
| c4b177d7cf7a: Pull complete | |
| 676d5222541c: Pull complete | |
| 00dbe20f4a5b: Pull complete | |
| Digest: sha256:76fb863ea0c513d870f8634a13e061f81c387a62ecc27ad64f9b06179181c394 | |
| Status: Downloaded newer image for containrrr/watchtower:latest | |
| Creating watchtower ... done | |
| Attaching to watchtower | |
| Pulling portainer (portainer/portainer:1.23.2)... | |
| 1.23.2: Pulling from portainer/portainer | |
| d1e017099d17: Pull complete | |
| a7dca5b5a9e8: Pull complete | |
| Digest: sha256:4ae7f14330b56ffc8728e63d355bc4bc7381417fa45ba0597e5dd32682901080 | |
| Status: Downloaded newer image for portainer/portainer:1.23.2 | |
| Creating portainer ... done | |
| Attaching to portainer | |
| portainer | 2020/05/17 13:09:22 Templates already registered inside the database. Skipping template import. | |
| portainer | 2020/05/17 13:09:22 server: Reverse tunnelling enabled | |
| portainer | 2020/05/17 13:09:22 server: Fingerprint 83:bd:ad:29:c2:df:9d:7c:fc:e9:2f:b2:f3:00:4b:9d | |
| portainer | 2020/05/17 13:09:22 server: Listening on 0.0.0.0:8000... | |
| portainer | 2020/05/17 13:09:22 Starting Portainer 1.23.2 on :9000 | |
| portainer | 2020/05/17 13:09:22 [DEBUG] [chisel, monitoring] [check_interval_seconds: 10.000000] [message: starting tunnel management process] | |
| Pulling landing (mcfatem/dgdocker3-landing:latest)... | |
| latest: Pulling from mcfatem/dgdocker3-landing | |
| 4167d3e14976: Pull complete | |
| bb292c78f105: Pull complete | |
| 8808515ed9bb: Pull complete | |
| Digest: sha256:089b9975157c0e94eab1d704b73a5311806ee0c2dc68664a4dc40e0de386e4f6 | |
| Status: Downloaded newer image for mcfatem/dgdocker3-landing:latest | |
| Creating landing-page ... done | |
| Attaching to landing-page | |
| Dumping traefik.log... | |
| time="2020-05-17T13:09:13-04:00" level=info msg="Traefik version 2.2.1 built on 2020-04-29T18:02:09Z" | |
| time="2020-05-17T13:09:13-04:00" level=debug msg="Static configuration loaded {\"global\":{\"checkNewVersion\":true},\"serversTransport\":{\"maxIdleConnsPerHost\":200},\"entryPoints\":{\"http\":{\"address\":\":80\",\"transport\":{\"lifeCycle\":{\"graceTimeOut\":10000000000},\"respondingTimeouts\":{\"idleTimeout\":180000000000}},\"forwardedHeaders\":{},\"http\":{}},\"https\":{\"address\":\":443\",\"transport\":{\"lifeCycle\":{\"graceTimeOut\":10000000000},\"respondingTimeouts\":{\"idleTimeout\":180000000000}},\"forwardedHeaders\":{},\"http\":{}}},\"providers\":{\"providersThrottleDuration\":2000000000,\"docker\":{\"watch\":true,\"endpoint\":\"unix:///var/run/docker.sock\",\"defaultRule\":\"Host(`{{ normalize .Name }}`)\",\"swarmModeRefreshSeconds\":15000000000}},\"api\":{\"dashboard\":true},\"log\":{\"level\":\"DEBUG\",\"filePath\":\"/var/log/traefik.log\",\"format\":\"common\"},\"certificatesResolvers\":{\"http\":{\"acme\":{\"email\":\"digital@grinnell.edu\",\"caServer\":\"https://acme-staging-v02.api.letsencrypt.org/directory\",\"storage\":\"acme.json\",\"keyType\":\"RSA4096\",\"httpChallenge\":{\"entryPoint\":\"http\"}}}}}" | |
| time="2020-05-17T13:09:13-04:00" level=info msg="\nStats collection is disabled.\nHelp us improve Traefik by turning this feature on :)\nMore details on: https://docs.traefik.io/contributing/data-collection/\n" | |
| time="2020-05-17T13:09:13-04:00" level=info msg="Starting provider aggregator.ProviderAggregator {}" | |
| time="2020-05-17T13:09:13-04:00" level=debug msg="Start TCP Server" entryPointName=http | |
| time="2020-05-17T13:09:13-04:00" level=debug msg="Start TCP Server" entryPointName=https | |
| time="2020-05-17T13:09:13-04:00" level=info msg="Starting provider *acme.Provider {\"email\":\"digital@grinnell.edu\",\"caServer\":\"https://acme-staging-v02.api.letsencrypt.org/directory\",\"storage\":\"acme.json\",\"keyType\":\"RSA4096\",\"httpChallenge\":{\"entryPoint\":\"http\"},\"ResolverName\":\"http\",\"store\":{},\"ChallengeStore\":{}}" | |
| time="2020-05-17T13:09:13-04:00" level=info msg="Testing certificate renew..." providerName=http.acme | |
| time="2020-05-17T13:09:13-04:00" level=info msg="Starting provider *docker.Provider {\"watch\":true,\"endpoint\":\"unix:///var/run/docker.sock\",\"defaultRule\":\"Host(`{{ normalize .Name }}`)\",\"swarmModeRefreshSeconds\":15000000000}" | |
| time="2020-05-17T13:09:13-04:00" level=info msg="Starting provider *traefik.Provider {}" | |
| time="2020-05-17T13:09:13-04:00" level=debug msg="Configuration received from provider http.acme: {\"http\":{},\"tls\":{}}" providerName=http.acme | |
| time="2020-05-17T13:09:13-04:00" level=debug msg="Configuration received from provider internal: {\"http\":{\"services\":{\"api\":{},\"dashboard\":{},\"noop\":{}}},\"tcp\":{},\"tls\":{}}" providerName=internal | |
| time="2020-05-17T13:09:13-04:00" level=debug msg="No default certificate, generating one" | |
| time="2020-05-17T13:09:13-04:00" level=debug msg="Provider connection established with docker 19.03.8 (API 1.40)" providerName=docker | |
| time="2020-05-17T13:09:13-04:00" level=debug msg="Configuration received from provider docker: {\"http\":{\"routers\":{\"http-catchall\":{\"entryPoints\":[\"http\"],\"middlewares\":[\"redirect-to-https\"],\"service\":\"traefik-traefik\",\"rule\":\"hostregexp(`{host:[a-z-.]+}`)\"},\"traefik-secure\":{\"entryPoints\":[\"https\"],\"middlewares\":[\"traefik-auth\"],\"service\":\"api@internal\",\"rule\":\"Host(`dgdocker3.grinnell.edu`) \\u0026\\u0026 (PathPrefix(`/api`) || PathPrefix(`/dashboard`))\",\"tls\":{\"certResolver\":\"http\"}}},\"services\":{\"traefik-traefik\":{\"loadBalancer\":{\"servers\":[{\"url\":\"http://172.20.0.2:80\"}],\"passHostHeader\":true}}},\"middlewares\":{\"redirect-to-https\":{\"redirectScheme\":{\"scheme\":\"https\"}},\"traefik-auth\":{\"basicAuth\":{\"users\":[\"admin:$2y$05$pJEzHJBzfoYYS7/hGAedcOP8XdsqNXE7j.LHFBVjueASOqOvvjGOy\"]}}}},\"tcp\":{},\"udp\":{}}" providerName=docker | |
| time="2020-05-17T13:09:13-04:00" level=debug msg="No default certificate, generating one" | |
| time="2020-05-17T13:09:14-04:00" level=debug msg="Creating middleware" middlewareName=pipelining middlewareType=Pipelining entryPointName=http routerName=http-catchall@docker serviceName=traefik-traefik | |
| time="2020-05-17T13:09:14-04:00" level=debug msg="Creating load-balancer" entryPointName=http routerName=http-catchall@docker serviceName=traefik-traefik | |
| time="2020-05-17T13:09:14-04:00" level=debug msg="Creating server 0 http://172.20.0.2:80" serverName=0 serviceName=traefik-traefik entryPointName=http routerName=http-catchall@docker | |
| time="2020-05-17T13:09:14-04:00" level=debug msg="Added outgoing tracing middleware traefik-traefik" routerName=http-catchall@docker middlewareName=tracing middlewareType=TracingForwarder entryPointName=http | |
| time="2020-05-17T13:09:14-04:00" level=debug msg="Creating middleware" middlewareType=RedirectScheme entryPointName=http routerName=http-catchall@docker middlewareName=redirect-to-https@docker | |
| time="2020-05-17T13:09:14-04:00" level=debug msg="Setting up redirection to https " middlewareName=redirect-to-https@docker middlewareType=RedirectScheme entryPointName=http routerName=http-catchall@docker | |
| time="2020-05-17T13:09:14-04:00" level=debug msg="Adding tracing to middleware" routerName=http-catchall@docker middlewareName=redirect-to-https@docker entryPointName=http | |
| time="2020-05-17T13:09:14-04:00" level=debug msg="Creating middleware" entryPointName=http middlewareName=traefik-internal-recovery middlewareType=Recovery | |
| time="2020-05-17T13:09:14-04:00" level=debug msg="Added outgoing tracing middleware api@internal" middlewareType=TracingForwarder entryPointName=https routerName=traefik-secure@docker middlewareName=tracing | |
| time="2020-05-17T13:09:14-04:00" level=debug msg="Creating middleware" entryPointName=https routerName=traefik-secure@docker middlewareName=traefik-auth@docker middlewareType=BasicAuth | |
| time="2020-05-17T13:09:14-04:00" level=debug msg="Adding tracing to middleware" routerName=traefik-secure@docker middlewareName=traefik-auth@docker entryPointName=https | |
| time="2020-05-17T13:09:14-04:00" level=debug msg="Creating middleware" middlewareName=traefik-internal-recovery middlewareType=Recovery entryPointName=https | |
| time="2020-05-17T13:09:14-04:00" level=debug msg="No default certificate, generating one" | |
| time="2020-05-17T13:09:14-04:00" level=debug msg="Try to challenge certificate for domain [dgdocker3.grinnell.edu] found in HostSNI rule" routerName=traefik-secure@docker rule="Host(`dgdocker3.grinnell.edu`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))" providerName=http.acme | |
| time="2020-05-17T13:09:14-04:00" level=debug msg="Looking for provided certificate(s) to validate [\"dgdocker3.grinnell.edu\"]..." rule="Host(`dgdocker3.grinnell.edu`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))" providerName=http.acme routerName=traefik-secure@docker | |
| time="2020-05-17T13:09:14-04:00" level=debug msg="Domains [\"dgdocker3.grinnell.edu\"] need ACME certificates generation for domains \"dgdocker3.grinnell.edu\"." routerName=traefik-secure@docker rule="Host(`dgdocker3.grinnell.edu`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))" providerName=http.acme | |
| time="2020-05-17T13:09:14-04:00" level=debug msg="Loading ACME certificates [dgdocker3.grinnell.edu]..." providerName=http.acme routerName=traefik-secure@docker rule="Host(`dgdocker3.grinnell.edu`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))" | |
| time="2020-05-17T13:09:14-04:00" level=debug msg="Serving default certificate for request: \"dgdocker3.grinnell.edu\"" | |
| time="2020-05-17T13:09:14-04:00" level=debug msg="Serving default certificate for request: \"dgdocker3.grinnell.edu\"" | |
| time="2020-05-17T13:09:14-04:00" level=debug msg="http: TLS handshake error from 132.161.249.251:51447: remote error: tls: bad certificate" | |
| time="2020-05-17T13:09:14-04:00" level=debug msg="http: TLS handshake error from 132.161.249.251:51448: remote error: tls: bad certificate" | |
| time="2020-05-17T13:09:16-04:00" level=debug msg="Building ACME client..." providerName=http.acme | |
| time="2020-05-17T13:09:16-04:00" level=debug msg="https://acme-staging-v02.api.letsencrypt.org/directory" providerName=http.acme | |
| time="2020-05-17T13:09:16-04:00" level=info msg=Register... providerName=http.acme | |
| time="2020-05-17T13:09:16-04:00" level=debug msg="legolog: [INFO] acme: Registering account for digital@grinnell.edu" | |
| time="2020-05-17T13:09:17-04:00" level=debug msg="Using HTTP Challenge provider." providerName=http.acme | |
| time="2020-05-17T13:09:17-04:00" level=debug msg="legolog: [INFO] [dgdocker3.grinnell.edu] acme: Obtaining bundled SAN certificate" | |
| time="2020-05-17T13:09:17-04:00" level=debug msg="legolog: [INFO] [dgdocker3.grinnell.edu] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/57342529" | |
| time="2020-05-17T13:09:17-04:00" level=debug msg="legolog: [INFO] [dgdocker3.grinnell.edu] acme: Could not find solver for: tls-alpn-01" | |
| time="2020-05-17T13:09:17-04:00" level=debug msg="legolog: [INFO] [dgdocker3.grinnell.edu] acme: use http-01 solver" | |
| time="2020-05-17T13:09:17-04:00" level=debug msg="legolog: [INFO] [dgdocker3.grinnell.edu] acme: Trying to solve HTTP-01" | |
| time="2020-05-17T13:09:17-04:00" level=debug msg="Provider event received {Status:start ID:a9ba173931aa8018b61ea4f07c18cd079a1a93aea81113c3faed78745a7ac1a5 From:containrrr/watchtower Type:container Action:start Actor:{ID:a9ba173931aa8018b61ea4f07c18cd079a1a93aea81113c3faed78745a7ac1a5 Attributes:map[com.centurylinklabs.watchtower:true com.docker.compose.config-hash:fbbe98cabf78ab96e8f6c95d30f40d10c2185984ec046d8e8be402879e831396 com.docker.compose.container-number:1 com.docker.compose.oneoff:False com.docker.compose.project:watchtower com.docker.compose.project.config_files:docker-compose.yml com.docker.compose.project.working_dir:/opt/containers/watchtower com.docker.compose.service:watchtower com.docker.compose.version:1.25.1 image:containrrr/watchtower name:watchtower traefik.enable:false]} Scope:local Time:1589735357 TimeNano:1589735357461088850}" providerName=docker | |
| time="2020-05-17T13:09:17-04:00" level=debug msg="Filtering disabled container" providerName=docker container=watchtower-watchtower-a9ba173931aa8018b61ea4f07c18cd079a1a93aea81113c3faed78745a7ac1a5 | |
| time="2020-05-17T13:09:17-04:00" level=debug msg="Configuration received from provider docker: {\"http\":{\"routers\":{\"http-catchall\":{\"entryPoints\":[\"http\"],\"middlewares\":[\"redirect-to-https\"],\"service\":\"traefik-traefik\",\"rule\":\"hostregexp(`{host:[a-z-.]+}`)\"},\"traefik-secure\":{\"entryPoints\":[\"https\"],\"middlewares\":[\"traefik-auth\"],\"service\":\"api@internal\",\"rule\":\"Host(`dgdocker3.grinnell.edu`) \\u0026\\u0026 (PathPrefix(`/api`) || PathPrefix(`/dashboard`))\",\"tls\":{\"certResolver\":\"http\"}}},\"services\":{\"traefik-traefik\":{\"loadBalancer\":{\"servers\":[{\"url\":\"http://172.20.0.2:80\"}],\"passHostHeader\":true}}},\"middlewares\":{\"redirect-to-https\":{\"redirectScheme\":{\"scheme\":\"https\"}},\"traefik-auth\":{\"basicAuth\":{\"users\":[\"admin:$2y$05$pJEzHJBzfoYYS7/hGAedcOP8XdsqNXE7j.LHFBVjueASOqOvvjGOy\"]}}}},\"tcp\":{},\"udp\":{}}" providerName=docker | |
| time="2020-05-17T13:09:17-04:00" level=debug msg="Creating middleware" middlewareType=Pipelining routerName=http-catchall@docker entryPointName=http serviceName=traefik-traefik middlewareName=pipelining | |
| time="2020-05-17T13:09:17-04:00" level=debug msg="Creating load-balancer" entryPointName=http serviceName=traefik-traefik routerName=http-catchall@docker | |
| time="2020-05-17T13:09:17-04:00" level=debug msg="Creating server 0 http://172.20.0.2:80" entryPointName=http serviceName=traefik-traefik routerName=http-catchall@docker serverName=0 | |
| time="2020-05-17T13:09:17-04:00" level=debug msg="Added outgoing tracing middleware traefik-traefik" middlewareName=tracing middlewareType=TracingForwarder entryPointName=http routerName=http-catchall@docker | |
| time="2020-05-17T13:09:17-04:00" level=debug msg="Creating middleware" routerName=http-catchall@docker middlewareType=RedirectScheme middlewareName=redirect-to-https@docker entryPointName=http | |
| time="2020-05-17T13:09:17-04:00" level=debug msg="Setting up redirection to https " entryPointName=http routerName=http-catchall@docker middlewareType=RedirectScheme middlewareName=redirect-to-https@docker | |
| time="2020-05-17T13:09:17-04:00" level=debug msg="Adding tracing to middleware" entryPointName=http routerName=http-catchall@docker middlewareName=redirect-to-https@docker | |
| time="2020-05-17T13:09:17-04:00" level=debug msg="Creating middleware" entryPointName=http middlewareName=traefik-internal-recovery middlewareType=Recovery | |
| time="2020-05-17T13:09:17-04:00" level=debug msg="Added outgoing tracing middleware api@internal" middlewareType=TracingForwarder routerName=traefik-secure@docker entryPointName=https middlewareName=tracing | |
| time="2020-05-17T13:09:17-04:00" level=debug msg="Creating middleware" entryPointName=https routerName=traefik-secure@docker middlewareName=traefik-auth@docker middlewareType=BasicAuth | |
| time="2020-05-17T13:09:17-04:00" level=debug msg="Adding tracing to middleware" entryPointName=https routerName=traefik-secure@docker middlewareName=traefik-auth@docker | |
| time="2020-05-17T13:09:17-04:00" level=debug msg="Creating middleware" entryPointName=https middlewareName=traefik-internal-recovery middlewareType=Recovery | |
| time="2020-05-17T13:09:17-04:00" level=debug msg="No default certificate, generating one" | |
| time="2020-05-17T13:09:17-04:00" level=debug msg="Try to challenge certificate for domain [dgdocker3.grinnell.edu] found in HostSNI rule" providerName=http.acme routerName=traefik-secure@docker rule="Host(`dgdocker3.grinnell.edu`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))" | |
| time="2020-05-17T13:09:17-04:00" level=debug msg="Looking for provided certificate(s) to validate [\"dgdocker3.grinnell.edu\"]..." providerName=http.acme routerName=traefik-secure@docker rule="Host(`dgdocker3.grinnell.edu`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))" | |
| time="2020-05-17T13:09:17-04:00" level=debug msg="No ACME certificate generation required for domains [\"dgdocker3.grinnell.edu\"]." providerName=http.acme routerName=traefik-secure@docker rule="Host(`dgdocker3.grinnell.edu`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))" | |
| time="2020-05-17T13:09:18-04:00" level=debug msg="Serving default certificate for request: \"dgdocker3.grinnell.edu\"" | |
| time="2020-05-17T13:09:18-04:00" level=debug msg="http: TLS handshake error from 132.161.249.251:51453: remote error: tls: bad certificate" | |
| time="2020-05-17T13:09:22-04:00" level=debug msg="Provider event received {Status:start ID:16ca25673841258f865c88c17e7e8fa1695e2935e43884115377cf6db6eef8a4 From:portainer/portainer:1.23.2 Type:container Action:start Actor:{ID:16ca25673841258f865c88c17e7e8fa1695e2935e43884115377cf6db6eef8a4 Attributes:map[com.docker.compose.config-hash:10b9bdf905a02c8bf5f41b256ff7ae09846614afbecb9dcc4e2e06c954f4914f com.docker.compose.container-number:1 com.docker.compose.oneoff:False com.docker.compose.project:portainer com.docker.compose.project.config_files:docker-compose.yml com.docker.compose.project.working_dir:/opt/containers/portainer com.docker.compose.service:portainer com.docker.compose.version:1.25.1 image:portainer/portainer:1.23.2 name:portainer traefik.docker.network:proxy traefik.enable:true traefik.http.middlewares.portainer-auth.basicauth.users:admin:$2y$05$pJEzHJBzfoYYS7/hGAedcOP8XdsqNXE7j.LHFBVjueASOqOvvjGOy traefik.http.middlewares.portainer-stripprefix.stripprefix.prefixes:/portainer traefik.http.routers.portainer-secure.entrypoints:https traefik.http.routers.portainer-secure.middlewares:portainer-stripprefix traefik.http.routers.portainer-secure.rule:Host(`dgdocker3.grinnell.edu`) && PathPrefix(`/portainer`) traefik.http.routers.portainer-secure.service:portainer traefik.http.routers.portainer-secure.tls:true traefik.http.routers.portainer-secure.tls.certresolver:http traefik.http.services.portainer.loadbalancer.server.port:9000]} Scope:local Time:1589735362 TimeNano:1589735362372693161}" providerName=docker | |
| time="2020-05-17T13:09:22-04:00" level=debug msg="Filtering disabled container" providerName=docker container=watchtower-watchtower-a9ba173931aa8018b61ea4f07c18cd079a1a93aea81113c3faed78745a7ac1a5 | |
| time="2020-05-17T13:09:22-04:00" level=debug msg="Configuration received from provider docker: {\"http\":{\"routers\":{\"http-catchall\":{\"entryPoints\":[\"http\"],\"middlewares\":[\"redirect-to-https\"],\"service\":\"traefik-traefik\",\"rule\":\"hostregexp(`{host:[a-z-.]+}`)\"},\"portainer-secure\":{\"entryPoints\":[\"https\"],\"middlewares\":[\"portainer-stripprefix\"],\"service\":\"portainer\",\"rule\":\"Host(`dgdocker3.grinnell.edu`) \\u0026\\u0026 PathPrefix(`/portainer`)\",\"tls\":{\"certResolver\":\"http\"}},\"traefik-secure\":{\"entryPoints\":[\"https\"],\"middlewares\":[\"traefik-auth\"],\"service\":\"api@internal\",\"rule\":\"Host(`dgdocker3.grinnell.edu`) \\u0026\\u0026 (PathPrefix(`/api`) || PathPrefix(`/dashboard`))\",\"tls\":{\"certResolver\":\"http\"}}},\"services\":{\"portainer\":{\"loadBalancer\":{\"servers\":[{\"url\":\"http://172.20.0.3:9000\"}],\"passHostHeader\":true}},\"traefik-traefik\":{\"loadBalancer\":{\"servers\":[{\"url\":\"http://172.20.0.2:80\"}],\"passHostHeader\":true}}},\"middlewares\":{\"portainer-auth\":{\"basicAuth\":{\"users\":[\"admin:$2y$05$pJEzHJBzfoYYS7/hGAedcOP8XdsqNXE7j.LHFBVjueASOqOvvjGOy\"]}},\"portainer-stripprefix\":{\"stripPrefix\":{\"prefixes\":[\"/portainer\"],\"forceSlash\":true}},\"redirect-to-https\":{\"redirectScheme\":{\"scheme\":\"https\"}},\"traefik-auth\":{\"basicAuth\":{\"users\":[\"admin:$2y$05$pJEzHJBzfoYYS7/hGAedcOP8XdsqNXE7j.LHFBVjueASOqOvvjGOy\"]}}}},\"tcp\":{},\"udp\":{}}" providerName=docker | |
| time="2020-05-17T13:09:22-04:00" level=debug msg="Creating middleware" entryPointName=http routerName=http-catchall@docker serviceName=traefik-traefik middlewareType=Pipelining middlewareName=pipelining | |
| time="2020-05-17T13:09:22-04:00" level=debug msg="Creating load-balancer" routerName=http-catchall@docker serviceName=traefik-traefik entryPointName=http | |
| time="2020-05-17T13:09:22-04:00" level=debug msg="Creating server 0 http://172.20.0.2:80" entryPointName=http routerName=http-catchall@docker serviceName=traefik-traefik serverName=0 | |
| time="2020-05-17T13:09:22-04:00" level=debug msg="Added outgoing tracing middleware traefik-traefik" routerName=http-catchall@docker middlewareName=tracing middlewareType=TracingForwarder entryPointName=http | |
| time="2020-05-17T13:09:22-04:00" level=debug msg="Creating middleware" entryPointName=http routerName=http-catchall@docker middlewareName=redirect-to-https@docker middlewareType=RedirectScheme | |
| time="2020-05-17T13:09:22-04:00" level=debug msg="Setting up redirection to https " routerName=http-catchall@docker middlewareName=redirect-to-https@docker middlewareType=RedirectScheme entryPointName=http | |
| time="2020-05-17T13:09:22-04:00" level=debug msg="Adding tracing to middleware" middlewareName=redirect-to-https@docker entryPointName=http routerName=http-catchall@docker | |
| time="2020-05-17T13:09:22-04:00" level=debug msg="Creating middleware" middlewareType=Recovery entryPointName=http middlewareName=traefik-internal-recovery | |
| time="2020-05-17T13:09:22-04:00" level=debug msg="Added outgoing tracing middleware api@internal" routerName=traefik-secure@docker entryPointName=https middlewareName=tracing middlewareType=TracingForwarder | |
| time="2020-05-17T13:09:22-04:00" level=debug msg="Creating middleware" middlewareType=BasicAuth entryPointName=https routerName=traefik-secure@docker middlewareName=traefik-auth@docker | |
| time="2020-05-17T13:09:22-04:00" level=debug msg="Adding tracing to middleware" routerName=traefik-secure@docker middlewareName=traefik-auth@docker entryPointName=https | |
| time="2020-05-17T13:09:22-04:00" level=debug msg="Creating middleware" serviceName=portainer middlewareName=pipelining middlewareType=Pipelining routerName=portainer-secure@docker entryPointName=https | |
| time="2020-05-17T13:09:22-04:00" level=debug msg="Creating load-balancer" routerName=portainer-secure@docker entryPointName=https serviceName=portainer | |
| time="2020-05-17T13:09:22-04:00" level=debug msg="Creating server 0 http://172.20.0.3:9000" routerName=portainer-secure@docker entryPointName=https serviceName=portainer serverName=0 | |
| time="2020-05-17T13:09:22-04:00" level=debug msg="Added outgoing tracing middleware portainer" entryPointName=https routerName=portainer-secure@docker middlewareName=tracing middlewareType=TracingForwarder | |
| time="2020-05-17T13:09:22-04:00" level=debug msg="Creating middleware" entryPointName=https routerName=portainer-secure@docker middlewareName=portainer-stripprefix@docker middlewareType=StripPrefix | |
| time="2020-05-17T13:09:22-04:00" level=debug msg="Adding tracing to middleware" routerName=portainer-secure@docker middlewareName=portainer-stripprefix@docker entryPointName=https | |
| time="2020-05-17T13:09:22-04:00" level=debug msg="Creating middleware" entryPointName=https middlewareName=traefik-internal-recovery middlewareType=Recovery | |
| time="2020-05-17T13:09:22-04:00" level=debug msg="No default certificate, generating one" | |
| time="2020-05-17T13:09:22-04:00" level=debug msg="Try to challenge certificate for domain [dgdocker3.grinnell.edu] found in HostSNI rule" providerName=http.acme routerName=traefik-secure@docker rule="Host(`dgdocker3.grinnell.edu`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))" | |
| time="2020-05-17T13:09:22-04:00" level=debug msg="Try to challenge certificate for domain [dgdocker3.grinnell.edu] found in HostSNI rule" providerName=http.acme routerName=portainer-secure@docker rule="Host(`dgdocker3.grinnell.edu`) && PathPrefix(`/portainer`)" | |
| time="2020-05-17T13:09:22-04:00" level=debug msg="Looking for provided certificate(s) to validate [\"dgdocker3.grinnell.edu\"]..." routerName=portainer-secure@docker rule="Host(`dgdocker3.grinnell.edu`) && PathPrefix(`/portainer`)" providerName=http.acme | |
| time="2020-05-17T13:09:22-04:00" level=debug msg="No ACME certificate generation required for domains [\"dgdocker3.grinnell.edu\"]." rule="Host(`dgdocker3.grinnell.edu`) && PathPrefix(`/portainer`)" providerName=http.acme routerName=portainer-secure@docker | |
| time="2020-05-17T13:09:22-04:00" level=debug msg="Looking for provided certificate(s) to validate [\"dgdocker3.grinnell.edu\"]..." providerName=http.acme routerName=traefik-secure@docker rule="Host(`dgdocker3.grinnell.edu`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))" | |
| time="2020-05-17T13:09:22-04:00" level=debug msg="No ACME certificate generation required for domains [\"dgdocker3.grinnell.edu\"]." routerName=traefik-secure@docker rule="Host(`dgdocker3.grinnell.edu`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))" providerName=http.acme | |
| time="2020-05-17T13:09:23-04:00" level=debug msg="Serving default certificate for request: \"dgdocker3.grinnell.edu\"" | |
| time="2020-05-17T13:09:23-04:00" level=debug msg="http: TLS handshake error from 132.161.249.251:51456: remote error: tls: bad certificate" | |
| time="2020-05-17T13:09:24-04:00" level=debug msg="legolog: [INFO] Deactivating auth: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/57342529" | |
| time="2020-05-17T13:09:24-04:00" level=debug msg="legolog: [INFO] Unable to deactivate the authorization: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/57342529" | |
| time="2020-05-17T13:09:24-04:00" level=error msg="Unable to obtain ACME certificate for domains \"dgdocker3.grinnell.edu\": unable to generate a certificate for the domains [dgdocker3.grinnell.edu]: error: one or more domains had a problem:\n[dgdocker3.grinnell.edu] acme: error: 400 :: urn:ietf:params:acme:error:dns :: No valid IP addresses found for dgdocker3.grinnell.edu, url: \n" providerName=http.acme routerName=traefik-secure@docker rule="Host(`dgdocker3.grinnell.edu`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))" | |
| time="2020-05-17T13:09:26-04:00" level=debug msg="Provider event received {Status:start ID:223e62599a902e065f22525c96ea6e652b1e06d85c876f874d6f0cf4d790d2ef From:mcfatem/dgdocker3-landing:latest Type:container Action:start Actor:{ID:223e62599a902e065f22525c96ea6e652b1e06d85c876f874d6f0cf4d790d2ef Attributes:map[authors:Mark A. McFate <mcfatem@grinnell.edu> com.centurylinklabs.watchtower.enable:true com.docker.compose.config-hash:0e692a8f753c33a8406cb0461cad588f44e30411a07b8e3cae44753e5870c36b com.docker.compose.container-number:1 com.docker.compose.oneoff:False com.docker.compose.project:landing com.docker.compose.project.config_files:docker-compose.yml com.docker.compose.project.working_dir:/opt/containers/landing com.docker.compose.service:landing com.docker.compose.version:1.25.1 image:mcfatem/dgdocker3-landing:latest maintainer:NGINX Docker Maintainers <docker-maint@nginx.com> name:landing-page traefik.docker.network:proxy traefik.enable:true traefik.http.routers.landing-secure.entrypoints:https traefik.http.routers.landing-secure.rule:Host(`dgdocker3.grinnell.edu`) traefik.http.routers.landing-secure.service:landing-landing traefik.http.routers.landing-secure.tls:true traefik.http.routers.landing-secure.tls.certresolver:http]} Scope:local Time:1589735366 TimeNano:1589735366244385100}" providerName=docker | |
| time="2020-05-17T13:09:26-04:00" level=debug msg="Filtering disabled container" providerName=docker container=watchtower-watchtower-a9ba173931aa8018b61ea4f07c18cd079a1a93aea81113c3faed78745a7ac1a5 | |
| time="2020-05-17T13:09:26-04:00" level=debug msg="Configuration received from provider docker: {\"http\":{\"routers\":{\"http-catchall\":{\"entryPoints\":[\"http\"],\"middlewares\":[\"redirect-to-https\"],\"service\":\"traefik-traefik\",\"rule\":\"hostregexp(`{host:[a-z-.]+}`)\"},\"landing-secure\":{\"entryPoints\":[\"https\"],\"service\":\"landing-landing\",\"rule\":\"Host(`dgdocker3.grinnell.edu`)\",\"tls\":{\"certResolver\":\"http\"}},\"portainer-secure\":{\"entryPoints\":[\"https\"],\"middlewares\":[\"portainer-stripprefix\"],\"service\":\"portainer\",\"rule\":\"Host(`dgdocker3.grinnell.edu`) \\u0026\\u0026 PathPrefix(`/portainer`)\",\"tls\":{\"certResolver\":\"http\"}},\"traefik-secure\":{\"entryPoints\":[\"https\"],\"middlewares\":[\"traefik-auth\"],\"service\":\"api@internal\",\"rule\":\"Host(`dgdocker3.grinnell.edu`) \\u0026\\u0026 (PathPrefix(`/api`) || PathPrefix(`/dashboard`))\",\"tls\":{\"certResolver\":\"http\"}}},\"services\":{\"landing-landing\":{\"loadBalancer\":{\"servers\":[{\"url\":\"http://172.20.0.4:80\"}],\"passHostHeader\":true}},\"portainer\":{\"loadBalancer\":{\"servers\":[{\"url\":\"http://172.20.0.3:9000\"}],\"passHostHeader\":true}},\"traefik-traefik\":{\"loadBalancer\":{\"servers\":[{\"url\":\"http://172.20.0.2:80\"}],\"passHostHeader\":true}}},\"middlewares\":{\"portainer-auth\":{\"basicAuth\":{\"users\":[\"admin:$2y$05$pJEzHJBzfoYYS7/hGAedcOP8XdsqNXE7j.LHFBVjueASOqOvvjGOy\"]}},\"portainer-stripprefix\":{\"stripPrefix\":{\"prefixes\":[\"/portainer\"],\"forceSlash\":true}},\"redirect-to-https\":{\"redirectScheme\":{\"scheme\":\"https\"}},\"traefik-auth\":{\"basicAuth\":{\"users\":[\"admin:$2y$05$pJEzHJBzfoYYS7/hGAedcOP8XdsqNXE7j.LHFBVjueASOqOvvjGOy\"]}}}},\"tcp\":{},\"udp\":{}}" providerName=docker | |
| time="2020-05-17T13:09:26-04:00" level=debug msg="Creating middleware" middlewareType=Pipelining entryPointName=http routerName=http-catchall@docker serviceName=traefik-traefik middlewareName=pipelining | |
| time="2020-05-17T13:09:26-04:00" level=debug msg="Creating load-balancer" serviceName=traefik-traefik entryPointName=http routerName=http-catchall@docker | |
| time="2020-05-17T13:09:26-04:00" level=debug msg="Creating server 0 http://172.20.0.2:80" serverName=0 entryPointName=http routerName=http-catchall@docker serviceName=traefik-traefik | |
| time="2020-05-17T13:09:26-04:00" level=debug msg="Added outgoing tracing middleware traefik-traefik" middlewareType=TracingForwarder entryPointName=http routerName=http-catchall@docker middlewareName=tracing | |
| time="2020-05-17T13:09:26-04:00" level=debug msg="Creating middleware" middlewareType=RedirectScheme entryPointName=http routerName=http-catchall@docker middlewareName=redirect-to-https@docker | |
| time="2020-05-17T13:09:26-04:00" level=debug msg="Setting up redirection to https " middlewareType=RedirectScheme entryPointName=http routerName=http-catchall@docker middlewareName=redirect-to-https@docker | |
| time="2020-05-17T13:09:26-04:00" level=debug msg="Adding tracing to middleware" routerName=http-catchall@docker entryPointName=http middlewareName=redirect-to-https@docker | |
| time="2020-05-17T13:09:26-04:00" level=debug msg="Creating middleware" entryPointName=http middlewareName=traefik-internal-recovery middlewareType=Recovery | |
| time="2020-05-17T13:09:26-04:00" level=debug msg="Creating middleware" serviceName=landing-landing routerName=landing-secure@docker middlewareName=pipelining middlewareType=Pipelining entryPointName=https | |
| time="2020-05-17T13:09:26-04:00" level=debug msg="Creating load-balancer" routerName=landing-secure@docker entryPointName=https serviceName=landing-landing | |
| time="2020-05-17T13:09:26-04:00" level=debug msg="Creating server 0 http://172.20.0.4:80" serviceName=landing-landing routerName=landing-secure@docker entryPointName=https serverName=0 | |
| time="2020-05-17T13:09:26-04:00" level=debug msg="Added outgoing tracing middleware landing-landing" middlewareName=tracing middlewareType=TracingForwarder entryPointName=https routerName=landing-secure@docker | |
| time="2020-05-17T13:09:26-04:00" level=debug msg="Creating middleware" serviceName=portainer entryPointName=https routerName=portainer-secure@docker middlewareName=pipelining middlewareType=Pipelining | |
| time="2020-05-17T13:09:26-04:00" level=debug msg="Creating load-balancer" serviceName=portainer entryPointName=https routerName=portainer-secure@docker | |
| time="2020-05-17T13:09:26-04:00" level=debug msg="Creating server 0 http://172.20.0.3:9000" routerName=portainer-secure@docker serviceName=portainer serverName=0 entryPointName=https | |
| time="2020-05-17T13:09:26-04:00" level=debug msg="Added outgoing tracing middleware portainer" middlewareType=TracingForwarder entryPointName=https routerName=portainer-secure@docker middlewareName=tracing | |
| time="2020-05-17T13:09:26-04:00" level=debug msg="Creating middleware" middlewareType=StripPrefix entryPointName=https routerName=portainer-secure@docker middlewareName=portainer-stripprefix@docker | |
| time="2020-05-17T13:09:26-04:00" level=debug msg="Adding tracing to middleware" entryPointName=https middlewareName=portainer-stripprefix@docker routerName=portainer-secure@docker | |
| time="2020-05-17T13:09:26-04:00" level=debug msg="Added outgoing tracing middleware api@internal" entryPointName=https routerName=traefik-secure@docker middlewareName=tracing middlewareType=TracingForwarder | |
| time="2020-05-17T13:09:26-04:00" level=debug msg="Creating middleware" entryPointName=https routerName=traefik-secure@docker middlewareType=BasicAuth middlewareName=traefik-auth@docker | |
| time="2020-05-17T13:09:26-04:00" level=debug msg="Adding tracing to middleware" entryPointName=https routerName=traefik-secure@docker middlewareName=traefik-auth@docker | |
| time="2020-05-17T13:09:26-04:00" level=debug msg="Creating middleware" entryPointName=https middlewareName=traefik-internal-recovery middlewareType=Recovery | |
| time="2020-05-17T13:09:26-04:00" level=debug msg="No default certificate, generating one" | |
| time="2020-05-17T13:09:26-04:00" level=debug msg="Try to challenge certificate for domain [dgdocker3.grinnell.edu] found in HostSNI rule" routerName=landing-secure@docker rule="Host(`dgdocker3.grinnell.edu`)" providerName=http.acme | |
| time="2020-05-17T13:09:26-04:00" level=debug msg="Try to challenge certificate for domain [dgdocker3.grinnell.edu] found in HostSNI rule" rule="Host(`dgdocker3.grinnell.edu`) && PathPrefix(`/portainer`)" providerName=http.acme routerName=portainer-secure@docker | |
| time="2020-05-17T13:09:26-04:00" level=debug msg="Try to challenge certificate for domain [dgdocker3.grinnell.edu] found in HostSNI rule" providerName=http.acme rule="Host(`dgdocker3.grinnell.edu`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))" routerName=traefik-secure@docker | |
| time="2020-05-17T13:09:26-04:00" level=debug msg="Looking for provided certificate(s) to validate [\"dgdocker3.grinnell.edu\"]..." rule="Host(`dgdocker3.grinnell.edu`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))" routerName=traefik-secure@docker providerName=http.acme | |
| time="2020-05-17T13:09:26-04:00" level=debug msg="Domains [\"dgdocker3.grinnell.edu\"] need ACME certificates generation for domains \"dgdocker3.grinnell.edu\"." providerName=http.acme rule="Host(`dgdocker3.grinnell.edu`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))" routerName=traefik-secure@docker | |
| time="2020-05-17T13:09:26-04:00" level=debug msg="Loading ACME certificates [dgdocker3.grinnell.edu]..." routerName=traefik-secure@docker providerName=http.acme rule="Host(`dgdocker3.grinnell.edu`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))" | |
| time="2020-05-17T13:09:26-04:00" level=debug msg="legolog: [INFO] [dgdocker3.grinnell.edu] acme: Obtaining bundled SAN certificate" | |
| time="2020-05-17T13:09:26-04:00" level=debug msg="Looking for provided certificate(s) to validate [\"dgdocker3.grinnell.edu\"]..." providerName=http.acme routerName=landing-secure@docker rule="Host(`dgdocker3.grinnell.edu`)" | |
| time="2020-05-17T13:09:26-04:00" level=debug msg="No ACME certificate generation required for domains [\"dgdocker3.grinnell.edu\"]." rule="Host(`dgdocker3.grinnell.edu`)" providerName=http.acme routerName=landing-secure@docker | |
| time="2020-05-17T13:09:26-04:00" level=debug msg="Looking for provided certificate(s) to validate [\"dgdocker3.grinnell.edu\"]..." routerName=portainer-secure@docker rule="Host(`dgdocker3.grinnell.edu`) && PathPrefix(`/portainer`)" providerName=http.acme | |
| time="2020-05-17T13:09:26-04:00" level=debug msg="No ACME certificate generation required for domains [\"dgdocker3.grinnell.edu\"]." routerName=portainer-secure@docker rule="Host(`dgdocker3.grinnell.edu`) && PathPrefix(`/portainer`)" providerName=http.acme | |
| time="2020-05-17T13:09:26-04:00" level=debug msg="legolog: [INFO] [dgdocker3.grinnell.edu] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/57342566" | |
| time="2020-05-17T13:09:26-04:00" level=debug msg="legolog: [INFO] [dgdocker3.grinnell.edu] acme: Could not find solver for: tls-alpn-01" | |
| time="2020-05-17T13:09:26-04:00" level=debug msg="legolog: [INFO] [dgdocker3.grinnell.edu] acme: use http-01 solver" | |
| time="2020-05-17T13:09:26-04:00" level=debug msg="legolog: [INFO] [dgdocker3.grinnell.edu] acme: Trying to solve HTTP-01" | |
| time="2020-05-17T13:09:26-04:00" level=debug msg="legolog: [INFO] Deactivating auth: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/57342566" | |
| time="2020-05-17T13:09:26-04:00" level=debug msg="legolog: [INFO] Unable to deactivate the authorization: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/57342566" | |
| time="2020-05-17T13:09:26-04:00" level=error msg="Unable to obtain ACME certificate for domains \"dgdocker3.grinnell.edu\": unable to generate a certificate for the domains [dgdocker3.grinnell.edu]: error: one or more domains had a problem:\n[dgdocker3.grinnell.edu] acme: error: 400 :: urn:ietf:params:acme:error:dns :: No valid IP addresses found for dgdocker3.grinnell.edu, url: \n" providerName=http.acme rule="Host(`dgdocker3.grinnell.edu`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))" routerName=traefik-secure@docker | |
| The acme.json file corresponding to this log (with the key obfuscated): | |
| [root@dgdocker3 traefik]# cat data/acme.json | |
| { | |
| "http": { | |
| "Account": { | |
| "Email": "digital@grinnell.edu", | |
| "Registration": { | |
| "body": { | |
| "status": "valid", | |
| "contact": [ | |
| "mailto:digital@grinnell.edu" | |
| ] | |
| }, | |
| "uri": "https://acme-staging-v02.api.letsencrypt.org/acme/acct/13723933" | |
| }, | |
| "PrivateKey": "MIIJKgIBAAKCAgEAuE740udyzXple/UubyD5yy/8B5jpSPitdt5XveH2SbkFtykUdq1az+/WLLj8Vf6M22CFpvGT5vSZJvdhut4hAILTdKrK05WyQ5lcI1AhwY6XTSgeSVzH3P5qy71/6TUXv/Y4g0uDN1QJGyvY64GYhhyMUcGdTlXPaUfu7jyDFVyL6MeGtxW8ALHMPMcI17hKShLQOC1DQ6KakUd3QdYdK3GJRKMATtZOuKSwCaBmI4z27vuGEzcBBF0JpDhca94MviFH.../xvGBJY54CrMczGETJuqtHo9Egj5cB6s+Sa3CvvR8A6pJYBJ+RNeZlOLkz+/BmQdwpogZNJEvIWiklP1VLxu0C8kp+g==", | |
| "KeyType": "4096" | |
| }, | |
| "Certificates": null | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment