Caddy web server - Error message with more than one domain

Hello,

I am trying to register, in this example, two different domains with Caddy docker to letsencrypt and am receiving this error message:

2017/10/27 19:11:52 [tls] failed to get certificate: acme: Error 400 - urn:acme:error:malformed - Error creating new authz :: DNS name does not have enough labels

What is the issue? Can you help me please?

If I am doing it with only one domain it is working ...

this is the Caddyfile

ebooks.test.my-wan.de {
    #COPS
    proxy / 192.168.100.10:83
    basicauth / homer redacted
}

nextcloud.test.my-wan.de {
    #nextcloud
    proxy / 192.168.100.10:4432 {
        transparent
    }
}

Hi @Homer-S,

Sorry, I don’t use Caddy server nor Docker so I won’t be able to help you, but Caddy developer @mholt is a member of this community so he could take a look at your issue.

Also, I’ve changed your title post to reflect that you are using Caddy web server so it could bring the attention to other community members just in case they use Caddy.

Note: First I thought your problem was the lack of A/AAAA records for your 2 subdomains ebooks.test.my-wan.de and nextcloud.test.my-wan.de, so I thought you were using the DNS challenge, but checking my-wan.de, it seems to be a dynamic domain provided by the twodns company and I can’t see that Caddy supports this DNS provider. Then, checking issued certs for my-wan.de, I can see some issued certs for ebooks.[your_user_name].my-wan.de and nextcloud.[your_user_name].my-wan.de. What I mean is, always provide your real domains or you could get erroneous answers based on the wrong information provided.

I hope someone can help you to solve this issue.

Good luck.
sahsanu

Well, the issue is that the client is trying to get a certificate for a name with no dots in it, like "com" or "example" or "localhost".

I don't know why, though. I don't use Caddy, either.

Do you have an idea? Do you have names like that in the Caddy configuration? Or could it be something with Caddy's automatic certificate generation?

You pasted the basic auth password! :scream: You need to change it to something else.

1 Like

Hey @Homer-S,

I edited your post to remove the basic auth password, and hid the past edits to the post (mine, and the earlier topic change).

However, we can’t change the past, and this thread has at the very least already been indexed by Google, so you still need to change it.

If that was a random example password, I apologize for the fuss. :sweat:

1 Like

Thanks for editing. It was a test pass, but I missed deleting it …
I will remember the point with real domain.

Good information with matt, I thought it is a letsencrypt issue so I changed the forum :slight_smile:
Thanks

This error is caused because the Caddyfile is malformed (the whole Caddyfile wasn’t pasted into the OP).

3 Likes
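
The two answers above point at the same check: find a site address in the Caddyfile that has fewer than two DNS labels, which is what the CA rejects with "does not have enough labels". A sketch of that check, added here as an example and not taken from this thread or from Caddy itself; it assumes the Caddyfile syntax shown in this thread with every site in a braced block, and the sample file and function names are constructed.

```python
import re

# Constructed sample (not the poster's real file): the second block lists a
# bare one-label name next to a fully qualified one.
SAMPLE = """\
ebooks.example.com {
    proxy / 192.168.100.10:83
}

https://nextcloud.example.com:443, nextcloud {
    # comment lines and nested blocks are skipped
    proxy / 192.168.100.10:4432 {
        transparent
    }
}
"""

def site_names(caddyfile):
    """Yield (line_number, hostname) for each site address at brace depth 0."""
    depth = 0
    for num, raw in enumerate(caddyfile.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line == "}":
            depth = max(depth - 1, 0)
            continue
        opens = line.endswith("{")
        # Site addresses sit outside any block, on a line that opens a block
        # or continues a comma-separated address list.
        if depth == 0 and (opens or line.endswith(",")):
            for addr in re.split(r"[,\s]+", line.rstrip("{").strip()):
                host = re.sub(r"^[a-z]+://", "", addr).split("/")[0]
                host = host.rsplit(":", 1)[0] if ":" in host else host
                if host:
                    yield num, host
        if opens:
            depth += 1

def too_few_labels(caddyfile):
    """Return (line, name) for site names with fewer than two DNS labels."""
    bad = []
    for num, host in site_names(caddyfile):
        labels = host.rstrip(".").split(".")
        if len(labels) < 2 or "" in labels:
            bad.append((num, host))
    return bad

if __name__ == "__main__":
    for num, host in too_few_labels(SAMPLE):
        print(f"line {num}: '{host}' has too few labels for a public CA")
```

Running it over the complete Caddyfile, not just the blocks that look relevant, matters here because the offending name can sit in a part of the file that was never pasted.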

hi @Homer-S

You are in luck, as I actually set this kind of thing up for someone last week.

Proxying to a Tomcat Backend Server (with an internal DNS name and not allowing management URLs (hostmanager, manager))

Proxying to an IP based backend

Connects to the backend on port 80
Uses HTTP protocol (not HTTPS)
Round Robin load balancing

https://domain.xyz {

proxy / http://IP:80 {
policy round_robin
transparent
insecure_skip_verify
}

}

Proxying to a Tomcat Backend with FQDN

Management URLs excluded
redirection of HTTP to HTTPS
using HTTPS to connect to the backend
Ignoring cert errors (backend servers using self signed certs)

http://domain.xyz {
redir https://domain.xyz {uri}
}

https://domain.xyz {
proxy / https://internal_fqdn:8080 {
policy round_robin
transparent
insecure_skip_verify
except /host-manager /manager
}
}

Thanks for putting the tech stack in the header :smiley:

Andrei

there is also a forum for caddy where @mholt has helped me out a few times :smiley:

Andrei
