Hello there, I’m trying to install varnish with Let’s encrypt and I have been having some problem with that for a day. I did everything like in this link : info.varnish-software.com/blog/five-steps-to-secure-varnish-with-hitch-and-lets-encrypt
I did some space between domain name and extension cause of link restriction
My domain is: socksunited.com
I ran this command: sudo acmetool want socksunited.com www.socksunited.com --xlog.severity=debug
It produced this output:
20190102215010 [DEBUG] acme.storageops: Target(socksunited . com;acme-v01.api.letsencrypt. org/directory;0): best certificate satisfying is , err=Target(socksunited . com;acme-v01.api.letsencrypt. org/directory;0): no certificate satisfies this target
20190102215010 [DEBUG] acme.storageops: Target(socksunited . com;acme-v01.api.letsencrypt. org/directory;0): requesting certificate
20190102215010 [DEBUG] acme.api: request: acme-v01.api.letsencrypt. org/directory
20190102215010 [DEBUG] acme.api: response: &{200 OK 200 HTTP/1.1 1 1 map[Connection:[keep-alive] Server:[nginx] Content-Type:[application/json] Replay-Nonce:[0j654aDHaLSsRsL8ifiiXDeQAI7B9NpgmPVSAT8nOjQ] Cache-Control:[max-age=0, no-cache, no-store] Pragma:[no-cache] Date:[Wed, 02 Jan 2019 21:50:10 GMT] Content-Length:[658] X-Frame-Options:[DENY] Strict-Transport-Security:[max-age=604800] Expires:[Wed, 02 Jan 2019 21:50:10 GMT]] 0xc42061bb40 658 false false map 0xc420126900 0xc42065e8f0}
20190102215010 [DEBUG] acme.api: request: acme-v01.api.letsencrypt. org/acme/new-reg
20190102215010 [DEBUG] acme.api: response: &{409 Conflict 409 HTTP/1.1 1 1 map[Content-Type:[application/problem+json] Content-Length:[107] Boulder-Requester:[48804651] Location:[acme-v01.api.letsencrypt. org/acme/reg/48804651] Expires:[Wed, 02 Jan 2019 21:50:10 GMT] Server:[nginx] Cache-Control:[max-age=0, no-cache, no-store] Pragma:[no-cache] Date:[Wed, 02 Jan 2019 21:50:10 GMT] Replay-Nonce:[A6VYGVhmgoHc7boS87nnNJtgVUw-Px_LV8rbkU0ujfo]] 0xc42061bc80 107 true false map 0xc420126100 0xc42065e8f0}
20190102215010 [DEBUG] acme.api: request: acme-v01.api.letsencrypt. org/acme/reg/48804651
20190102215010 [DEBUG] acme.api: response: &{202 Accepted 202 HTTP/1.1 1 1 map[Expires:[Wed, 02 Jan 2019 21:50:10 GMT] Replay-Nonce:[8xRYAu4W7J4_MDJPh1wpjxVjVxXcqtAVpJf1lW-NCRc] Content-Type:[application/json] Content-Length:[654] Boulder-Requester:[48804651] Link:[<acme-v01.api.letsencrypt. org/acme/new-authz>;rel=“next” <letsencrypt. org/documents/LE-SA-v1.2-November-15-2017.pdf>;rel=“terms-of-service”] Cache-Control:[max-age=0, no-cache, no-store] Pragma:[no-cache] Date:[Wed, 02 Jan 2019 21:50:10 GMT] Server:[nginx] Connection:[keep-alive]] 0xc420256d80 654 false false map 0xc420126700 0xc42065fce0}
20190102215010 [DEBUG] acme.storageops: trying to obtain authorization for “socksunited . com”
20190102215010 [DEBUG] acme.api: request: acme-v01.api.letsencrypt. org/acme/new-authz
20190102215010 [DEBUG] acme.api: response: &{201 Created 201 HTTP/1.1 1 1 map[Strict-Transport-Security:[max-age=604800] Server:[nginx] Cache-Control:[max-age=0, no-cache, no-store] Replay-Nonce:[bvrbeLh6VvkRD1S98ksyDuR3Qp0HkIetFb4UCw-Ulwg] X-Frame-Options:[DENY] Pragma:[no-cache] Date:[Wed, 02 Jan 2019 21:50:10 GMT] Content-Type:[application/json] Boulder-Requester:[48804651] Link:[<acme-v01.api.letsencrypt. org/acme/new-cert>;rel=“next”] Location:[acme-v01.api.letsencrypt. org/acme/authz/xqcF5_DqGuLCoEj62svkvGjYcsOhE8xeXgy7XIyVCTA] Connection:[keep-alive] Content-Length:[997] Expires:[Wed, 02 Jan 2019 21:50:10 GMT]] 0xc42061a040 997 false false map 0xc420126c00 0xc42065fce0}
20190102215010 [DEBUG] acme.solver: attempting challenge type http-01
20190102215010 [DEBUG] acme.responder: failed to listen on [::]:80: listen tcp 0.0.0.0:80: bind: address already in use
20190102215010 [DEBUG] acme.responder: failed to listen on :80: listen tcp :80: bind: address already in use
20190102215010 [DEBUG] acme.responder: listening on 127.0.0.1:402
20190102215010 [DEBUG] acme.responder: listening on [::1]:4402
20190102215010 [DEBUG] acme.responder: listening on 127.0.0.1:4402
20190102215010 [DEBUG] acme.responder: listening on [::1]:402
20190102215010 [DEBUG] acme.responder: writing 1 webroot challenge files
20190102215010 [DEBUG] acme.responder: writing webroot file /var/run/acme/acme-challenge/R6u6zr-mtGEmxzi15WqX2aim_y-qoMijmO4pUY9frHo
20190102215010 [DEBUG] acme.hooks: calling hook script: /etc/acme/hooks/haproxy
20190102215011 [DEBUG] acme.hooks: calling hook script: /etc/acme/hooks/reload
20190102215011 [DEBUG] acme.responder: http-01 self test
20190102215011 [INFO] acme.responder: http-01 self test failed: non-200 status code when doing self-test
20190102215011 [DEBUG] acme.responder: removing webroot file /var/run/acme/acme-challenge/R6u6zr-mtGEmxzi15WqX2aim_y-qoMijmO4pUY9frHo
20190102215011 [DEBUG] acme.hooks: calling hook script: /etc/acme/hooks/haproxy
20190102215011 [DEBUG] acme.hooks: calling hook script: /etc/acme/hooks/reload
20190102215011 [DEBUG] acme.solver: challenge start failed: non-200 status code when doing self-test
20190102215011 [DEBUG] acme.solver: attempting challenge type dns-01
20190102215011 [DEBUG] acme.hooks: calling hook script: /etc/acme/hooks/haproxy
20190102215011 [DEBUG] acme.hooks: calling hook script: /etc/acme/hooks/reload
20190102215011 [DEBUG] acme.solver: challenge start failed: could not install DNS challenge, no hooks succeeded
20190102215011 [ERROR] acme.storageops: could not obtain authorization for socksunited . com: failed all combinations
20190102215011 [ERROR] acme.storageops: Target(socksunited . com;acme-v01.api.letsencrypt. org/directory;0): failed to request certificate: failed all combinations
20190102215011 [DEBUG] acme.storageops: Target(socksunited . com,www.socksunited . com;acme-v01.api.letsencrypt. org/directory;0): best certificate satisfying is , err=Target(socksunited . com,www.socksunited . com;acme-v01.api.letsencrypt. org/directory;0): no certificate satisfies this target
20190102215011 [DEBUG] acme.storageops: Target(socksunited . com,www.socksunited . com;acme-v01.api.letsencrypt. org/directory;0): requesting certificate
20190102215011 [DEBUG] acme.api: request: acme-v01.api.letsencrypt. org/acme/new-reg
20190102215011 [DEBUG] acme.api: response: &{409 Conflict 409 HTTP/1.1 1 1 map[Date:[Wed, 02 Jan 2019 21:50:11 GMT] Server:[nginx] Content-Type:[application/problem+json] Content-Length:[107] Boulder-Requester:[48804651] Cache-Control:[max-age=0, no-cache, no-store] Pragma:[no-cache] Location:[acme-v01.api.letsencrypt. org/acme/reg/48804651] Replay-Nonce:[AhjpmOoor44NRlujefm4gModvOc284fLPPT1hSfK_2U] Expires:[Wed, 02 Jan 2019 21:50:11 GMT]] 0xc42061a600 107 true false map 0xc420127400 0xc42065fce0}
20190102215011 [DEBUG] acme.api: request: acme-v01.api.letsencrypt. org/acme/reg/48804651
20190102215011 [DEBUG] acme.api: response: &{202 Accepted 202 HTTP/1.1 1 1 map[Content-Type:[application/json] Content-Length:[654] Replay-Nonce:[9l7Oqp64k3ySnTq9MtGjGJSXK7RcMntgFehDs0HF-js] Cache-Control:[max-age=0, no-cache, no-store] Server:[nginx] Boulder-Requester:[48804651] Link:[<acme-v01.api.letsencrypt. org/acme/new-authz>;rel=“next” <letsencrypt. org/documents/LE-SA-v1.2-November-15-2017.pdf>;rel=“terms-of-service”] Expires:[Wed, 02 Jan 2019 21:50:11 GMT] Pragma:[no-cache] Date:[Wed, 02 Jan 2019 21:50:11 GMT] Connection:[keep-alive]] 0xc42061b5c0 654 false false map 0xc420127600 0xc42065f3f0}
20190102215011 [DEBUG] acme.storageops: trying to obtain authorization for “socksunited . com”
20190102215011 [DEBUG] acme.api: request: acme-v01.api.letsencrypt. org/acme/new-authz
20190102215011 [DEBUG] acme.api: response: &{201 Created 201 HTTP/1.1 1 1 map[Date:[Wed, 02 Jan 2019 21:50:11 GMT] Connection:[keep-alive] Content-Length:[997] Link:[<acme-v01.api.letsencrypt. org/acme/new-cert>;rel=“next”] Location:[acme-v01.api.letsencrypt. org/acme/authz/xqcF5_DqGuLCoEj62svkvGjYcsOhE8xeXgy7XIyVCTA] Replay-Nonce:[rCaiu5Y3TvWYFrrQCjSCw0CHBcXBTKl5p78AWJBwpAA] Server:[nginx] Content-Type:[application/json] X-Frame-Options:[DENY] Expires:[Wed, 02 Jan 2019 21:50:11 GMT] Cache-Control:[max-age=0, no-cache, no-store] Boulder-Requester:[48804651] Strict-Transport-Security:[max-age=604800] Pragma:[no-cache]] 0xc42061b700 997 false false map 0xc420127900 0xc42065f3f0}
20190102215011 [DEBUG] acme.solver: attempting challenge type http-01
20190102215011 [DEBUG] acme.responder: failed to listen on [::]:80: listen tcp 0.0.0.0:80: bind: address already in use
20190102215011 [DEBUG] acme.responder: failed to listen on :80: listen tcp :80: bind: address already in use
20190102215011 [DEBUG] acme.responder: listening on 127.0.0.1:4402
20190102215011 [DEBUG] acme.responder: listening on [::1]:402
20190102215011 [DEBUG] acme.responder: listening on 127.0.0.1:402
20190102215011 [DEBUG] acme.responder: listening on [::1]:4402
20190102215011 [DEBUG] acme.responder: writing 1 webroot challenge files
20190102215011 [DEBUG] acme.responder: writing webroot file /var/run/acme/acme-challenge/R6u6zr-mtGEmxzi15WqX2aim_y-qoMijmO4pUY9frHo
20190102215011 [DEBUG] acme.hooks: calling hook script: /etc/acme/hooks/haproxy
20190102215011 [DEBUG] acme.hooks: calling hook script: /etc/acme/hooks/reload
20190102215011 [DEBUG] acme.responder: http-01 self test
20190102215011 [INFO] acme.responder: http-01 self test failed: non-200 status code when doing self-test
20190102215011 [DEBUG] acme.responder: removing webroot file /var/run/acme/acme-challenge/R6u6zr-mtGEmxzi15WqX2aim_y-qoMijmO4pUY9frHo
20190102215011 [DEBUG] acme.hooks: calling hook script: /etc/acme/hooks/haproxy
20190102215011 [DEBUG] acme.hooks: calling hook script: /etc/acme/hooks/reload
20190102215011 [DEBUG] acme.solver: challenge start failed: non-200 status code when doing self-test
20190102215011 [DEBUG] acme.solver: attempting challenge type dns-01
20190102215011 [DEBUG] acme.hooks: calling hook script: /etc/acme/hooks/haproxy
20190102215011 [DEBUG] acme.hooks: calling hook script: /etc/acme/hooks/reload
20190102215011 [DEBUG] acme.solver: challenge start failed: could not install DNS challenge, no hooks succeeded
20190102215011 [ERROR] acme.storageops: could not obtain authorization for socksunited . com: failed all combinations
20190102215011 [ERROR] acme.storageops: Target(socksunited . com,www.socksunited . com;acme-v01.api.letsencrypt. org/directory;0): failed to request certificate: failed all combinations
20190102215011 [DEBUG] acme.storageops: done processing targets, reconciliation complete, 2 errors occurred
20190102215011 [ERROR] acme.storageops: error while processing targets: the following errors occurred:
error satisfying Target(socksunited . com;acme-v01.api.letsencrypt. org/directory;0): failed all combinations;
error satisfying Target(socksunited . com,www.socksunited . com;acme-v01.api.letsencrypt. org/directory;0): failed all combinations
20190102215011 [ERROR] acme.storageops: failed to reconcile: the following errors occurred:
error satisfying Target(socksunited . com;acme-v01.api.letsencrypt. org/directory;0): failed all combinations;
error satisfying Target(socksunited . com,www.socksunited . com;acme-v01.api.letsencrypt. org/directory;0): failed all combinations
20190102215011 [DEBUG] acme.storageops: disjoint hostname mapping: socksunited . com -> Target(socksunited . com,www.socksunited . com;acme-v01.api.letsencrypt. org/directory;0)
20190102215011 [DEBUG] acme.storageops: disjoint hostname mapping: www.socksunited . com -> Target(socksunited . com,www.socksunited . com;acme-v01.api.letsencrypt. org/directory;0)
20190102215011 [DEBUG] acme.storageops: could not find certificate satisfying Target(socksunited . com,www.socksunited . com;acme-v01.api.letsencrypt. org/directory;0): Target(socksunited . com,www.socksunited . com;acme-v01.api.letsencrypt. org/directory;0): no certificate satisfies this target
20190102215011 [DEBUG] acme.storageops: could not find certificate satisfying Target(socksunited . com,www.socksunited . com;acme-v01.api.letsencrypt. org/directory;0): Target(socksunited . com,www.socksunited . com;acme-v01.api.letsencrypt. org/directory;0): no certificate satisfies this target
20190102215011 [CRITICAL] acmetool: fatal: reconcile: the following errors occurred:
error satisfying Target(socksunited . com;acme-v01.api.letsencrypt. org/directory;0): failed all combinations;
error satisfying Target(socksunited . com,www.socksunited . com;acme-v01.api.letsencrypt. org/directory;0): failed all combinations
My web server is (include version): Apache/2.4.29 (Ubuntu)
The operating system my web server runs on is (include version): Ubuntu 16.04
My hosting provider, if applicable, is: digitalocean
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no