Setup:
- I have my server running via HAProxy with this configuration:
```
frontend http-in2
    bind *:80
    bind *:443 ssl crt /ssl_certs/myserver.pem
    mode http
    option forwardfor header X-Real-IP
    http-request set-header X-Real-IP %[src]
    acl letsencrypt-acl path_beg /.well-known/acme-challenge/
    use_backend letsencrypt-backend if letsencrypt-acl
    default_backend astrology_backend

backend letsencrypt-backend
    server letsencrypt 192.168.0.98:8888

backend astrology_backend
    mode http
    server astrology_server 192.168.0.98:3333 check
```
- My astrology_backend and certbot are going to run with docker-compose via this:
```yaml
version: '3.8'
services:
  webserver:
    build: .
    ports:
      - "3333:3333"
    volumes:
      - my_volume:/usr/src/app
    depends_on:
      - certbot
    network_mode: "host"
  certbot:
    image: certbot/certbot:latest
    volumes:
      - /share/homes/vildnex/certs_letsencrypt/conf:/etc/letsencrypt
      - /share/homes/vildnex/certs_letsencrypt/www:/var/www/certbot
      - my_volume:/usr/src/app
    network_mode: "host"
    command: certonly --standalone -d goldenrodastrology.com
volumes:
  my_volume:
```
With this Dockerfile:
```dockerfile
# hello-world-webserver/Dockerfile
FROM python:3.8-slim

# Set the working directory in the container
WORKDIR /usr/src/app

# Copy the content of the local html directory to the working directory
COPY ./html /usr/src/app

# Command to run on container start
CMD [ "python", "-m", "http.server", "3333" ]
```
This is how I've tried to generate the proper certificates, by running this command:
```
docker-compose run certbot certonly --standalone -d goldenrodastrology.com
```
PROBLEM:
But every single time I run that command I get output like this:
```
Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems:
  Domain: goldenrodastrology.com
  Type:   connection
  Detail: 5.15.101.220: Fetching http://goldenrodastrology.com/.well-known/acme-challenge/0dXcDP7Hwc9FO8hCT_5zleRze_maWHqZUavvgFicDHk: Timeout during connect (likely firewall problem)

Hint: The Certificate Authority failed to download the challenge files from the temporary standalone webserver started by Certbot on port 80. Ensure that the listed domains point to this machine and that it can accept inbound connections from the internet.

Some challenges have failed.
```
Can anyone explain to me what exactly I am doing wrong?
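As an added check (not part of the question), this script parses the HAProxy routing above and reports whether the backend that receives `/.well-known/acme-challenge/` requests is on the port a `certbot --standalone` run will actually bind; it covers only the proxy-to-certbot hop, not whether port 80 is reachable from the internet, which the CA's timeout hint also points at. The embedded config is a trimmed copy of the question's, and `--http-01-port` is certbot's real option for moving the standalone listener off port 80.

```python
# Cross-check where HAProxy sends ACME HTTP-01 challenge requests against the
# port certbot's standalone authenticator will bind (80 unless --http-01-port).

# Constructed, trimmed copy of the HAProxy frontend/backend definitions from the question.
HAPROXY_CFG = """
frontend http-in2
    bind *:80
    acl letsencrypt-acl path_beg /.well-known/acme-challenge/
    use_backend letsencrypt-backend if letsencrypt-acl
    default_backend astrology_backend
backend letsencrypt-backend
    server letsencrypt 192.168.0.98:8888
backend astrology_backend
    server astrology_server 192.168.0.98:3333 check
"""

def acme_backend_target(cfg):
    """Return (host, port) of the server that receives /.well-known/acme-challenge/ traffic."""
    acl_names, backend_name, servers, section = set(), None, {}, None
    for raw in cfg.splitlines():
        words = raw.split()
        if not words:
            continue
        if words[0] in ("global", "defaults", "frontend", "backend", "listen"):
            section = (words[0], words[1] if len(words) > 1 else None)
        elif words[0] == "acl" and "path_beg" in words and "/.well-known/acme-challenge/" in words:
            acl_names.add(words[1])  # ACL that matches the challenge path
        elif words[0] == "use_backend" and len(words) >= 4 and words[2] == "if" and words[3] in acl_names:
            backend_name = words[1]  # backend selected for challenge requests
        elif words[0] == "server" and section and section[0] == "backend":
            host, _, port = words[2].rpartition(":")
            servers.setdefault(section[1], (host, int(port)))  # first server of each backend
    return servers.get(backend_name)

def standalone_listen_port(certbot_args):
    """Port certbot's standalone authenticator binds: 80 unless --http-01-port is given."""
    toks = certbot_args.split()
    for i, tok in enumerate(toks):
        if tok == "--http-01-port" and i + 1 < len(toks):
            return int(toks[i + 1])
        if tok.startswith("--http-01-port="):
            return int(tok.split("=", 1)[1])
    return 80

def challenge_port_mismatch(cfg, certbot_args):
    """True when HAProxy forwards challenges to a port certbot will not be listening on."""
    target = acme_backend_target(cfg)
    return target is not None and target[1] != standalone_listen_port(certbot_args)
```

With the question's command line the check reports a mismatch (HAProxy forwards to 192.168.0.98:8888, certbot binds 80); it reports none once `--http-01-port 8888` is added to the certbot command.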