Invalid Response Form

Hi All,

I’m trying to set up my Let’s Encrypt Docker on my Unraid server. I followed the YouTube tutorial from Spaceinvaderone to help me get set up. I have a feeling that my router is causing me some issues, as there was a step in the tutorial that I was unable to do. I was able to port forward 80 and 443; however, in his video he also redirected the target IP to 180 and 1443. My router does not seem to support that portion.

When I try to set up the Docker container using 80 and 443, it gives me the following error and fails.

root@localhost:# /usr/local/emhttp/plugins/dynamix.docker.manager/scripts/docker run -d --name='letsencrypt' --net='proxynet' --log-opt max-size='50m' --log-opt max-file='1' --privileged=true -e TZ="America/Los_Angeles" -e HOST_OS="Unraid" -e 'EMAIL'='blank@outlook.com' -e 'URL'='duckdns.org' -e 'SUBDOMAINS'='jharris1984,jharris1984homeassistant' -e 'ONLY_SUBDOMAINS'='true' -e 'DHLEVEL'='2048' -e 'VALIDATION'='http' -e 'DNSPLUGIN'='' -e 'PUID'='99' -e 'PGID'='100' -p '80:80/tcp' -p '443:443/tcp' -v '/mnt/user/appdata/letsencrypt':'/config':'rw' 'linuxserver/letsencrypt'

4599a6134b170a6f6d2bab7e2da8c1ae7d6f61dc6af800edf64b781abd108312
/usr/bin/docker: Error response from daemon: driver failed programming external connectivity on endpoint letsencrypt (df8a1495012c62b59a9a883fdb27297915238ae99ed889d0c06879796418eba4): Error starting userland proxy: listen tcp 0.0.0.0:80: bind: address already in use.

The command failed.

I was able to change the ports to 8080 and 8443 (and port forward these in my router) in the docker setup and I was able to get it to install.

The next error I’m getting is an unauthorized 404 invalid response form with this current setup and it asks me to check my spellings for my server.

If I turn off the port forwarding for 80 and 443 in my router I get a likely firewall problem.
If I turn off the port forwarding for 8080 and 8443 but leave the 80 and 443 open I get the 404 response error instead even though my docker is configured for 8080 and 8443.

I am not able to post the full log errors at the moment because I hit the rate limits while I was messing with it. Not sure how long until I can do that again?

Thanks in advance.

Hi @jharris1984

I'm not so firm with Docker. But your main configuration is ok.

If you use http-01 validation, your client creates a file in /.well-known/acme-challenge and Let's Encrypt checks that file via port 80. And that looks ok (https://check-your-website.server-daten.de/?q=jharris1984.duckdns.org):

| Domainname | Http-Status | redirect | Sec. | G |
|---|---|---|---|---|
| http://jharris1984.duckdns.org/ 98.166.3.107 | 302 | http://jharris1984.duckdns.org/Main | 0.246 | D |
| http://www.jharris1984.duckdns.org/ 98.166.3.107 | 302 | http://www.jharris1984.duckdns.org/Main | 0.246 | D |
| http://jharris1984.duckdns.org/Main | 200 | | 0.517 | H |
| http://www.jharris1984.duckdns.org/Main | 200 | | 0.510 | H |
| https://jharris1984.duckdns.org/ 98.166.3.107 | -2 | | 1.353 | V |
| ConnectFailure - Unable to connect to the remote server No connection could be made because the target machine actively refused it 98.166.3.107:443 | | | | |
| https://www.jharris1984.duckdns.org/ 98.166.3.107 | -2 | | 1.454 | V |
| ConnectFailure - Unable to connect to the remote server No connection could be made because the target machine actively refused it 98.166.3.107:443 | | | | |
| http://jharris1984.duckdns.org/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 98.166.3.107 | 404 | | 0.243 | A |
| Not Found. Visible Content: 404 Not Found nginx | | | | |
| http://www.jharris1984.duckdns.org/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 98.166.3.107 | 404 | | 0.244 | A |
| Not Found. Visible Content: 404 Not Found nginx | | | | |

Port 80 is open and (in your case, more important) answers with the expected HTTP status 404 - Not Found when checking an unknown file name.

So your port configuration is ok. Your router has a correct rule:

port 80 extern -> http port intern.

So Let's Encrypt can check your port 80 + /.well-known/acme-challenge.

Looks like you use an overly complicated setup with an additional proxy. But that proxy can't start, because port 80 is already in use.

Isn't it possible to use the running webserver directly? With the root of your running nginx?
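
The http-01 mechanism described in the reply above can be rehearsed before asking Let's Encrypt to validate, which avoids spending rate-limited attempts. This is an added example, not part of the original posts: `preflight`, `serve` and `demo` are hypothetical names, and the two local servers are constructed stand-ins for the ACME client's webroot and for a different service that holds port 80.

```python
import http.server, secrets, tempfile, threading
import urllib.error, urllib.request
from functools import partial
from pathlib import Path

CHALLENGE_DIR = ".well-known/acme-challenge"
# Connect directly, ignoring any proxy settings in the environment.
OPENER = urllib.request.build_opener(urllib.request.ProxyHandler({}))

def preflight(webroot, base_url, timeout=5):
    """Write a random token under webroot, then fetch it back via base_url."""
    token, body = secrets.token_urlsafe(32), secrets.token_urlsafe(32)
    path = Path(webroot) / CHALLENGE_DIR / token
    path.parent.mkdir(parents=True, exist_ok=True)
    path.write_text(body)
    try:
        with OPENER.open(f"{base_url}/{CHALLENGE_DIR}/{token}", timeout=timeout) as resp:
            # 200 with different content: another site answered (e.g. after a redirect).
            return "ok" if resp.read() == body.encode() else "wrong-content"
    except urllib.error.HTTPError as err:  # a server answered, but not from this webroot
        return f"wrong-server (HTTP {err.code})"
    except OSError:                        # refused, timed out, DNS failure
        return "unreachable"
    finally:
        path.unlink()

def serve(directory):
    """Constructed stand-in for a web server: serve `directory` on a free local port."""
    handler = partial(http.server.SimpleHTTPRequestHandler, directory=str(directory))
    srv = http.server.ThreadingHTTPServer(("127.0.0.1", 0), handler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv, f"http://127.0.0.1:{srv.server_address[1]}"

def demo():
    """Run the three outcomes against constructed local servers."""
    with tempfile.TemporaryDirectory() as acme_root, tempfile.TemporaryDirectory() as other_root:
        acme_srv, acme_url = serve(acme_root)     # server the ACME client writes into
        other_srv, other_url = serve(other_root)  # some other service holding the port
        results = {"forwarded to ACME webroot": preflight(acme_root, acme_url),
                   "forwarded to another server": preflight(acme_root, other_url)}
        other_srv.shutdown(); other_srv.server_close()
        results["nothing listening"] = preflight(acme_root, other_url)
        acme_srv.shutdown(); acme_srv.server_close()
        return results

if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case}: {result}")
```

For a real check, pass the ACME client's webroot and the public `http://` hostname, and run it from outside the LAN, since many home routers do not loop port forwards back to internal clients.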


Thank you for your reply. Excuse my lack of intelligence on this topic for any of the following questions. This is really something I just found a few days ago and have looked at a small handful of tutorials trying to get my particular setup working.

You mention using http-01 validation and my client creating a file. Where is this file being created? On my server or on the internet? I don’t believe I have any upload capability directly to duckdns at all. Are there any tutorials or pages I can follow that you’re aware of to set that up?

As for the port 80 and the complicated setup - Spaceinvaderone did mention that Unraid uses port 80, which is why I needed to do the IP redirect. As for using my web server directly, I don’t have anything else running that would be able to do that, I believe. My Unraid is being used mainly for storage of movies and TV for Plex. There are a few other dockers for downloads as well as OpenVPN for remote management. The reason for working to get this set up is first and foremost to link my Smartthings to my Home Assistant docker, and secondarily it looks like I’ll need to use it for Nextcloud when I take that step.

Read some basics:

Then check the challenge types:
