Problème sur la génération du certificat Let's encrypt

hujino · July 15, 2019, 8:41pm

Je peux lire des réponses en Anglais : oui

Mon nom de domaine est : gemlink-digital.com

J’ai exécuté cette commande : commandes pour dépanner sur docker + curl

docker = RAS
curl = RAS
ping = RAS
reboot du serveur + service = RAS

Mon serveur Web est (inclure la version) : debian 9 up to date

Mon hébergeur, le cas échéant, est : OVH

Je peux me connecter à un shell root sur ma machine (oui ou non, ou je ne sais pas) : oui

Logs sur mon reverse proxy :

Blockquote

nginx-proxy-le | Traceback (most recent call last):
nginx-proxy-le | File "/usr/lib/python3.6/site-packages/urllib3/connectionpool.py", line 603, in urlopen
nginx-proxy-le | chunked=chunked)
nginx-proxy-le | File "/usr/lib/python3.6/site-packages/urllib3/connectionpool.py", line 344, in _make_request
nginx-proxy-le | self._validate_conn(conn)
nginx-proxy-le | File "/usr/lib/python3.6/site-packages/urllib3/connectionpool.py", line 843, in _validate_conn
nginx-proxy-le | conn.connect()
nginx-proxy-le | File "/usr/lib/python3.6/site-packages/urllib3/connection.py", line 316, in connect
nginx-proxy-le | conn = self._new_conn()
nginx-proxy-le | File "/usr/lib/python3.6/site-packages/urllib3/connection.py", line 169, in _new_conn
nginx-proxy-le | self, "Failed to establish a new connection: %s" % e)
nginx-proxy-le | urllib3.exceptions.NewConnectionError: <urllib3.connection.VerifiedHTTPSConnection object at 0x7f5fd964a080>: Failed to establish a new connection: [Errno -3] Try again
nginx-proxy-le |
nginx-proxy-le | During handling of the above exception, another exception occurred:
nginx-proxy-le |
nginx-proxy-le | Traceback (most recent call last):
nginx-proxy-le | File "/usr/lib/python3.6/site-packages/requests/adapters.py", line 449, in send
nginx-proxy-le | timeout=timeout
nginx-proxy-le | File "/usr/lib/python3.6/site-packages/urllib3/connectionpool.py", line 641, in urlopen
nginx-proxy-le | _stacktrace=sys.exc_info()[2])
nginx-proxy-le | File "/usr/lib/python3.6/site-packages/urllib3/util/retry.py", line 399, in increment
nginx-proxy-le | raise MaxRetryError(_pool, url, error or ResponseError(cause))
nginx-proxy-le | urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='acme-v01.api.letsencrypt.org', port=443): Max retries exceeded with url: /directory (Caused by NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x7f5fd964a080>: Failed to establish a new connection: [Errno -3] Try again',))
nginx-proxy-le |
nginx-proxy-le | During handling of the above exception, another exception occurred:
nginx-proxy-le |
nginx-proxy-le | Traceback (most recent call last):
nginx-proxy-le | File "/usr/lib/python3.6/site-packages/simp_le.py", line 1583, in main
nginx-proxy-le | return main_with_exceptions(cli_args)
nginx-proxy-le | File "/usr/lib/python3.6/site-packages/simp_le.py", line 1567, in main_with_exceptions
nginx-proxy-le | persist_new_data(args, existing_data)
nginx-proxy-le | File "/usr/lib/python3.6/site-packages/simp_le.py", line 1457, in persist_new_data
nginx-proxy-le | client = registered_client(args, existing_data.account_key)
nginx-proxy-le | File "/usr/lib/python3.6/site-packages/simp_le.py", line 1395, in registered_client
nginx-proxy-le | client = acme_client.Client(directory=args.server, key=key, net=net)
nginx-proxy-le | File "/usr/lib/python3.6/site-packages/acme/client.py", line 274, in init
nginx-proxy-le | net.get(directory).json())
nginx-proxy-le | File "/usr/lib/python3.6/site-packages/acme/client.py", line 1168, in get
nginx-proxy-le | self._send_request('GET', url, **kwargs), content_type=content_type)
nginx-proxy-le | File "/usr/lib/python3.6/site-packages/acme/client.py", line 1117, in _send_request
nginx-proxy-le | response = self.session.request(method, url, *args, **kwargs)
nginx-proxy-le | File "/usr/lib/python3.6/site-packages/requests/sessions.py", line 533, in request
nginx-proxy-le | resp = self.send(prep, **send_kwargs)
nginx-proxy-le | File "/usr/lib/python3.6/site-packages/requests/sessions.py", line 646, in send
nginx-proxy-le | r = adapter.send(request, **kwargs)
nginx-proxy-le | File "/usr/lib/python3.6/site-packages/requests/adapters.py", line 516, in send
nginx-proxy-le | raise ConnectionError(e, request=request)
nginx-proxy-le | requests.exceptions.ConnectionError: HTTPSConnectionPool(host='acme-v01.api.letsencrypt.org', port=443): Max retries exceeded with url: /directory (Caused by NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x7f5fd964a080>: Failed to establish a new connection: [Errno -3] Try again',))
nginx-proxy-le |
nginx-proxy-le | Unhandled error has happened, traceback is above
nginx-proxy-le |
nginx-proxy-le | Debugging tips: -v improves output verbosity. Help is available under --help.
nginx-proxy-le | /app
nginx-proxy-le | Sleep for 3600s
nginx-proxy-le | 2019/07/15 20:25:58 Received signal: terminated
nginx-proxy-le | 2019/07/15 20:25:58 Received signal: terminated
nginx-proxy-le | Info: Custom Diffie-Hellman group found, generation skipped.
nginx-proxy-le | Reloading nginx proxy (cd976881fc5ce804f526f935e33d89a8c1be1d0011126a53d250d7c7e1a5636e)...
nginx-proxy-le | 2019/07/15 20:28:13, Error: can't exec command [ "sh", "-c", "/app/docker-entrypoint.sh /usr/local/bin/docker-gen /app/nginx.tmpl /etc/nginx/conf.d/default.conf; /usr/sbin/nginx -s reload" ] in container cd976881fc5ce804f526f935e33d89a8c1be1d0011126a53d250d7c7e1a5636e. Check if the container is running.
nginx-proxy-le | 2019/07/15 20:28:13, Error: can't reload nginx-proxy.
nginx-proxy-le | 2019/07/15 20:28:13 Error: nginx-proxy container cd976881fc5ce804f526f935e33d89a8c1be1d0011126a53d250d7c7e1a5636e isn't running.
nginx-proxy-le | Sleep for 3600s
nginx-proxy-le | 2019/07/15 20:28:14 Generated '/app/letsencrypt_service_data' from 1 containers
nginx-proxy-le | 2019/07/15 20:28:14 Running '/app/signal_le_service'
nginx-proxy-le | 2019/07/15 20:28:14 Watching docker events
nginx-proxy-le | 2019/07/15 20:28:14 Contents of /app/letsencrypt_service_data did not change. Skipping notification '/app/signal_le_service'
nginx-proxy-le | 2019/07/15 20:28:14 Error: nginx-proxy container cd976881fc5ce804f526f935e33d89a8c1be1d0011126a53d250d7c7e1a5636e isn't running.
nginx-proxy-le | Sleep for 3600s
nginx-proxy-le | 2019/07/15 20:28:33 Received signal: terminated
nginx-proxy-le | 2019/07/15 20:28:33 Received signal: terminated
nginx-proxy-le | Info: Custom Diffie-Hellman group found, generation skipped.
nginx-proxy-le | Reloading nginx proxy (cd976881fc5ce804f526f935e33d89a8c1be1d0011126a53d250d7c7e1a5636e)...
nginx-proxy-le | 2019/07/15 20:28:35, Error: can't exec command [ "sh", "-c", "/app/docker-entrypoint.sh /usr/local/bin/docker-gen /app/nginx.tmpl /etc/nginx/conf.d/default.conf; /usr/sbin/nginx -s reload" ] in container cd976881fc5ce804f526f935e33d89a8c1be1d0011126a53d250d7c7e1a5636e. Check if the container is running.
nginx-proxy-le | 2019/07/15 20:28:35, Error: can't reload nginx-proxy.
nginx-proxy-le | 2019/07/15 20:28:35 Contents of /app/letsencrypt_service_data did not change. Skipping notification '/app/signal_le_service'
nginx-proxy-le | 2019/07/15 20:28:35 Watching docker events
nginx-proxy-le | 2019/07/15 20:28:35 Contents of /app/letsencrypt_service_data did not change. Skipping notification '/app/signal_le_service'
nginx-proxy-le | 2019/07/15 20:28:35 Error: nginx-proxy container cd976881fc5ce804f526f935e33d89a8c1be1d0011126a53d250d7c7e1a5636e isn't running.
nginx-proxy-le | Sleep for 3600s
nginx-proxy-le | 2019/07/15 20:30:27 Received signal: terminated
nginx-proxy-le | 2019/07/15 20:30:27 Received signal: terminated
nginx-proxy-le | Info: Custom Diffie-Hellman group found, generation skipped.
nginx-proxy-le | Reloading nginx proxy (cd976881fc5ce804f526f935e33d89a8c1be1d0011126a53d250d7c7e1a5636e)...
nginx-proxy-le | 2019/07/15 20:30:29 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification ''
nginx-proxy-le | 2019/07/15 20:30:29 [notice] 45#45: signal process started
nginx-proxy-le | 2019/07/15 20:30:29 Contents of /app/letsencrypt_service_data did not change. Skipping notification '/app/signal_le_service'
nginx-proxy-le | 2019/07/15 20:30:29 Watching docker events
nginx-proxy-le | 2019/07/15 20:30:29 Contents of /app/letsencrypt_service_data did not change. Skipping notification '/app/signal_le_service'
nginx-proxy-le | Sleep for 3600s

Blockquote

Mes sites sont disponible en HTTP mais pas HTTPS.

Si je pointe vers HTTPS, j'ai une erreur 500.

Avez-vous une idée de résolution ?

En vous remerciant par avance,

Phil · July 16, 2019, 3:33pm

Can you post the output of the following commands please?

sudo docker ps
sudo docker network ls
sudo docker exec -it nginx-proxy-le bash
# Inside the container
curl -IL https://acme-v01.api.letsencrypt.org

hujino · July 16, 2019, 4:28pm

docker ps :

docker ps
CONTAINER ID        IMAGE                                    COMMAND                  CREATED             STATUS              PORTS                                      NAMES
bc071ed44676        jrcs/letsencrypt-nginx-proxy-companion   "/bin/bash /app/entr…"   19 hours ago        Up 3 minutes                                                   nginx-proxy-le
c21c7c367689        jwilder/nginx-proxy:alpine               "/app/docker-entrypo…"   19 hours ago        Up 3 minutes        0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp   nginx-proxy
bd18a5509011        grafana/grafana                          "/run.sh"                21 hours ago        Up 19 hours         3000/tcp                                   grafana
d45fb08dcfeb        nginx                                    "nginx -g 'daemon of…"   21 hours ago        Up 19 hours         80/tcp                                     site1
8965852c33ac        nginx                                    "nginx -g 'daemon of…"   22 hours ago        Up 19 hours         80/tcp                                     nginx-test
root@FRPDDGRP:~#

docker network ls :

NETWORK ID          NAME                DRIVER              SCOPE
83d045be3c43        bridge              bridge              local
73baf3d70de3        host                host                local
bbac1907ee48        nginx-web           bridge              local
6c210aa8d649        none                null                local

docker exec -it nginx-proxy-le bash

curl -IL https://acme-v01.api.letsencrypt.org :

curl: (6) Could not resolve host: acme-v01.api.letsencrypt.org

I see my docker did’nt save my dns settings

I put dns server into my docker-compose.yml.

and it’s working !

My bad :c

I think i need to create this file /etc/docker/daemon.json for my deamon