Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:
jenkins.yourmessagedelivered.com
I ran this command:
docker run -i --rm \
--name certcont \
--publish 209.195.11.75:8888:8888 \
--volume letsencrypt-etc:/etc/letsencrypt \
--volume letsencrypt-var-lib:/var/lib/letsencrypt \
--volume letsencrypt-var-log:/var/log/letsencrypt \
certbot/certbot:latest \
certonly \
--standalone \
-d jenkins.yourmessagedelivered.com \
--non-interactive \
--preferred-challenges http \
--agree-tos \
--email hesco@yourmessagedelivered.com \
--staging --http-01-port=8888
It produced this output:
full output:
-
The following errors were reported by the server:
Domain: jenkins.yourmessagedelivered.com
Type: unauthorized
Detail: Invalid response from
http://jenkins.yourmessagedelivered.com/.well-known/acme-challenge/uP-FXuSI5sYdRm5gLiEtjtq5Uag7XRP2-qDRyT_IfeM
[209.195.11.75]: “<meta http-equiv=‘refresh’
content='1;url=/login?from=%!F(MISSING).well-known%!F(MISSING)acme-challenge%!F(MISSING)uP-FXuSI5sYdRm5gLiEtjtq5Uag7”To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
I also get errors about missing files, but these are the permissions on that path:
root@dessalines021:/exports/data/letsencrypt# ls -alht /exports/data/letsencrypt/etc/letsencrypt | grep live
drwx------ 5 root root 4.0K Aug 25 2019 live
yet no new path is created for this domain.
the result written for the haproxy certificate
winds up 0 length, and it must be removed to restart the haproxy.
My web server is (include version):
I am running a docker cluster, implementing a recipe I found here:
relevant portions of my haproxy.cfg are available here:
The operating system my web server runs on is (include version):
My docker hosts are all debian.
most of my inventory is built on a base image derived from an ubuntu containers
My hosting provider, if applicable, is:
I am running a docker cluster, I am my hosting provider,
renting a partial rack in a local data center.
I can login to a root shell on my machine (yes or no, or I don’t know):
YES,
I can use ssh to access as root, my haproxy and the docker hosts in my docker cluster.
except that I have not been daemonizing the certbot, I suppose I could use docker -it certbot attach
to probably access root on the certbot node.
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
no
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you’re using Certbot):
certbot 1.3.0