time="2023-03-28T14:56:44+02:00" level=debug msg="No default certificate, fallback to the internal generated certificate" tlsStoreName=default
time="2023-03-28T14:56:44+02:00" level=debug msg="Added outgoing tracing middleware api@internal" entryPointName=traefik routerName=api@internal middlewareName=tracing middlewareType=TracingForwarder
time="2023-03-28T14:56:44+02:00" level=debug msg="Added outgoing tracing middleware dashboard@internal" middlewareType=TracingForwarder entryPointName=traefik routerName=dashboard@internal middlewareName=tracing
time="2023-03-28T14:56:44+02:00" level=debug msg="Creating middleware" routerName=dashboard@internal middlewareName=dashboard_stripprefix@internal middlewareType=StripPrefix entryPointName=traefik
time="2023-03-28T14:56:44+02:00" level=debug msg="Adding tracing to middleware" entryPointName=traefik routerName=dashboard@internal middlewareName=dashboard_stripprefix@internal
time="2023-03-28T14:56:44+02:00" level=debug msg="Creating middleware" entryPointName=traefik routerName=dashboard@internal middlewareName=dashboard_redirect@internal middlewareType=RedirectRegex
time="2023-03-28T14:56:44+02:00" level=debug msg="Setting up redirection from ^(http:\\/\\/(\\[[\\w:.]+\\]|[\\w\\._-]+)(:\\d+)?)\\/$ to ${1}/dashboard/" middlewareName=dashboard_redirect@internal middlewareType=RedirectRegex entryPointName=traefik routerName=dashboard@internal
time="2023-03-28T14:56:44+02:00" level=debug msg="Adding tracing to middleware" entryPointName=traefik routerName=dashboard@internal middlewareName=dashboard_redirect@internal
time="2023-03-28T14:56:44+02:00" level=debug msg="Creating middleware" entryPointName=traefik middlewareType=Recovery middlewareName=traefik-internal-recovery
time="2023-03-28T14:56:44+02:00" level=debug msg="No default certificate, fallback to the internal generated certificate" tlsStoreName=default
time="2023-03-28T14:56:44+02:00" level=debug msg="Added outgoing tracing middleware api@internal" entryPointName=traefik routerName=api@internal middlewareName=tracing middlewareType=TracingForwarder
time="2023-03-28T14:56:44+02:00" level=debug msg="Added outgoing tracing middleware dashboard@internal" middlewareType=TracingForwarder entryPointName=traefik routerName=dashboard@internal middlewareName=tracing
time="2023-03-28T14:56:44+02:00" level=debug msg="Creating middleware" routerName=dashboard@internal entryPointName=traefik middlewareName=dashboard_stripprefix@internal middlewareType=StripPrefix
time="2023-03-28T14:56:44+02:00" level=debug msg="Adding tracing to middleware" entryPointName=traefik routerName=dashboard@internal middlewareName=dashboard_stripprefix@internal
time="2023-03-28T14:56:44+02:00" level=debug msg="Creating middleware" middlewareType=RedirectRegex middlewareName=dashboard_redirect@internal entryPointName=traefik routerName=dashboard@internal
time="2023-03-28T14:56:44+02:00" level=debug msg="Setting up redirection from ^(http:\\/\\/(\\[[\\w:.]+\\]|[\\w\\._-]+)(:\\d+)?)\\/$ to ${1}/dashboard/" entryPointName=traefik routerName=dashboard@internal middlewareType=RedirectRegex middlewareName=dashboard_redirect@internal
time="2023-03-28T14:56:44+02:00" level=debug msg="Adding tracing to middleware" middlewareName=dashboard_redirect@internal entryPointName=traefik routerName=dashboard@internal
time="2023-03-28T14:56:44+02:00" level=debug msg="Creating middleware" middlewareType=Recovery entryPointName=traefik middlewareName=traefik-internal-recovery
time="2023-03-28T14:56:44+02:00" level=debug msg="Creating middleware" middlewareName=pipelining middlewareType=Pipelining entryPointName=http routerName=plex@docker serviceName=plex
time="2023-03-28T14:56:44+02:00" level=debug msg="Creating load-balancer" entryPointName=http routerName=plex@docker serviceName=plex
time="2023-03-28T14:56:44+02:00" level=debug msg="Creating server 0 http://172.21.0.8:32400" serverName=0 entryPointName=http routerName=plex@docker serviceName=plex
time="2023-03-28T14:56:44+02:00" level=debug msg="child http://172.21.0.8:32400 now UP"
time="2023-03-28T14:56:44+02:00" level=debug msg="Propagating new UP status"
time="2023-03-28T14:56:44+02:00" level=debug msg="Added outgoing tracing middleware plex" routerName=plex@docker middlewareName=tracing middlewareType=TracingForwarder entryPointName=http
time="2023-03-28T14:56:44+02:00" level=debug msg="Creating middleware" serviceName=overseerr entryPointName=http routerName=overseerr@docker middlewareName=pipelining middlewareType=Pipelining
time="2023-03-28T14:56:44+02:00" level=debug msg="Creating load-balancer" serviceName=overseerr entryPointName=http routerName=overseerr@docker
time="2023-03-28T14:56:44+02:00" level=debug msg="Creating server 0 http://172.21.0.6:5055" entryPointName=http routerName=overseerr@docker serviceName=overseerr serverName=0
time="2023-03-28T14:56:44+02:00" level=debug msg="child http://172.21.0.6:5055 now UP"
time="2023-03-28T14:56:44+02:00" level=debug msg="Propagating new UP status"
time="2023-03-28T14:56:44+02:00" level=debug msg="Added outgoing tracing middleware overseerr" middlewareName=tracing middlewareType=TracingForwarder entryPointName=http routerName=overseerr@docker
time="2023-03-28T14:56:44+02:00" level=debug msg="Creating middleware" middlewareName=pipelining middlewareType=Pipelining entryPointName=http serviceName=rdtclient routerName=rdtclient@docker
time="2023-03-28T14:56:44+02:00" level=debug msg="Creating load-balancer" serviceName=rdtclient routerName=rdtclient@docker entryPointName=http
time="2023-03-28T14:56:44+02:00" level=debug msg="Creating server 0 http://172.21.0.4:6500" serverName=0 routerName=rdtclient@docker entryPointName=http serviceName=rdtclient
time="2023-03-28T14:56:44+02:00" level=debug msg="child http://172.21.0.4:6500 now UP"
time="2023-03-28T14:56:44+02:00" level=debug msg="Propagating new UP status"
time="2023-03-28T14:56:44+02:00" level=debug msg="Added outgoing tracing middleware rdtclient" routerName=rdtclient@docker middlewareName=tracing middlewareType=TracingForwarder entryPointName=http
time="2023-03-28T14:56:44+02:00" level=debug msg="Creating middleware" routerName=sonarr@docker serviceName=sonarr entryPointName=http middlewareName=pipelining middlewareType=Pipelining
time="2023-03-28T14:56:44+02:00" level=debug msg="Creating load-balancer" routerName=sonarr@docker serviceName=sonarr entryPointName=http
time="2023-03-28T14:56:44+02:00" level=debug msg="Creating server 0 http://172.21.0.3:8989" entryPointName=http routerName=sonarr@docker serviceName=sonarr serverName=0
time="2023-03-28T14:56:44+02:00" level=debug msg="child http://172.21.0.3:8989 now UP"
time="2023-03-28T14:56:44+02:00" level=debug msg="Propagating new UP status"
time="2023-03-28T14:56:44+02:00" level=debug msg="Added outgoing tracing middleware sonarr" middlewareName=tracing middlewareType=TracingForwarder entryPointName=http routerName=sonarr@docker
time="2023-03-28T14:56:44+02:00" level=debug msg="Creating middleware" entryPointName=http routerName=portainer@docker serviceName=portainer middlewareName=pipelining middlewareType=Pipelining
time="2023-03-28T14:56:44+02:00" level=debug msg="Creating load-balancer" routerName=portainer@docker serviceName=portainer entryPointName=http
time="2023-03-28T14:56:44+02:00" level=debug msg="Creating server 0 http://172.21.0.9:9000" serverName=0 entryPointName=http routerName=portainer@docker serviceName=portainer
time="2023-03-28T14:56:44+02:00" level=debug msg="child http://172.21.0.9:9000 now UP"
time="2023-03-28T14:56:44+02:00" level=debug msg="Propagating new UP status"
time="2023-03-28T14:56:44+02:00" level=debug msg="Added outgoing tracing middleware portainer" routerName=portainer@docker middlewareName=tracing middlewareType=TracingForwarder entryPointName=http
time="2023-03-28T14:56:44+02:00" level=debug msg="Creating middleware" routerName=radarr@docker serviceName=radarr middlewareName=pipelining middlewareType=Pipelining entryPointName=http
time="2023-03-28T14:56:44+02:00" level=debug msg="Creating load-balancer" entryPointName=http routerName=radarr@docker serviceName=radarr
time="2023-03-28T14:56:44+02:00" level=debug msg="Creating server 0 http://172.21.0.2:7878" serverName=0 entryPointName=http routerName=radarr@docker serviceName=radarr
time="2023-03-28T14:56:44+02:00" level=debug msg="child http://172.21.0.2:7878 now UP"
time="2023-03-28T14:56:44+02:00" level=debug msg="Propagating new UP status"
time="2023-03-28T14:56:44+02:00" level=debug msg="Added outgoing tracing middleware radarr" routerName=radarr@docker middlewareName=tracing middlewareType=TracingForwarder entryPointName=http
time="2023-03-28T14:56:44+02:00" level=debug msg="Creating middleware" middlewareName=pipelining entryPointName=http routerName=jackett@docker serviceName=jackett middlewareType=Pipelining
time="2023-03-28T14:56:44+02:00" level=debug msg="Creating load-balancer" routerName=jackett@docker serviceName=jackett entryPointName=http
time="2023-03-28T14:56:44+02:00" level=debug msg="Creating server 0 http://172.21.0.7:9117" entryPointName=http routerName=jackett@docker serverName=0 serviceName=jackett
time="2023-03-28T14:56:44+02:00" level=debug msg="child http://172.21.0.7:9117 now UP"
time="2023-03-28T14:56:44+02:00" level=debug msg="Propagating new UP status"
time="2023-03-28T14:56:44+02:00" level=debug msg="Added outgoing tracing middleware jackett" entryPointName=http routerName=jackett@docker middlewareName=tracing middlewareType=TracingForwarder
time="2023-03-28T14:56:44+02:00" level=debug msg="Creating middleware" middlewareName=traefik-internal-recovery middlewareType=Recovery entryPointName=http
time="2023-03-28T14:56:44+02:00" level=debug msg="Creating middleware" serviceName=whoami-whoami middlewareName=pipelining middlewareType=Pipelining entryPointName=https routerName=whoami@docker
time="2023-03-28T14:56:44+02:00" level=debug msg="Creating load-balancer" routerName=whoami@docker serviceName=whoami-whoami entryPointName=https
time="2023-03-28T14:56:44+02:00" level=debug msg="Creating server 0 http://172.21.0.10:80" serverName=0 serviceName=whoami-whoami entryPointName=https routerName=whoami@docker
time="2023-03-28T14:56:44+02:00" level=debug msg="child http://172.21.0.10:80 now UP"
time="2023-03-28T14:56:44+02:00" level=debug msg="Propagating new UP status"
time="2023-03-28T14:56:44+02:00" level=debug msg="Added outgoing tracing middleware whoami-whoami" routerName=whoami@docker entryPointName=https middlewareName=tracing middlewareType=TracingForwarder
time="2023-03-28T14:56:44+02:00" level=debug msg="Creating middleware" entryPointName=https middlewareName=traefik-internal-recovery middlewareType=Recovery
time="2023-03-28T14:56:44+02:00" level=debug msg="Adding route for test.domain.net with TLS options default" entryPointName=https
time="2023-03-28T14:56:44+02:00" level=debug msg="Trying to challenge certificate for domain [test.domain.net] found in HostSNI rule" providerName=myresolver.acme ACME CA="https://acme-staging-v02.api.letsencrypt.org/directory" routerName=whoami@docker rule="Host(`test.domain.net`)"
time="2023-03-28T14:56:44+02:00" level=debug msg="Looking for provided certificate(s) to validate [\"test.domain.net\"]..." rule="Host(`test.domain.net`)" providerName=myresolver.acme ACME CA="https://acme-staging-v02.api.letsencrypt.org/directory" routerName=whoami@docker
time="2023-03-28T14:56:44+02:00" level=debug msg="Domains [\"test.domain.net\"] need ACME certificates generation for domains \"test.domain.net\"." ACME CA="https://acme-staging-v02.api.letsencrypt.org/directory" routerName=whoami@docker rule="Host(`test.domain.net`)" providerName=myresolver.acme
time="2023-03-28T14:56:44+02:00" level=debug msg="Loading ACME certificates [test.domain.net]..." ACME CA="https://acme-staging-v02.api.letsencrypt.org/directory" routerName=whoami@docker rule="Host(`test.domain.net`)" providerName=myresolver.acme
time="2023-03-28T14:56:46+02:00" level=debug msg="Building ACME client..." providerName=myresolver.acme
time="2023-03-28T14:56:46+02:00" level=debug msg="https://acme-staging-v02.api.letsencrypt.org/directory" providerName=myresolver.acme
time="2023-03-28T14:56:46+02:00" level=info msg=Register... providerName=myresolver.acme
time="2023-03-28T14:56:46+02:00" level=debug msg="legolog: [INFO] acme: Registering account for pascal@domain.net"
time="2023-03-28T14:56:46+02:00" level=debug msg="Using DNS Challenge provider: ovh" providerName=myresolver.acme
time="2023-03-28T14:56:46+02:00" level=debug msg="legolog: [INFO] [test.domain.net] acme: Obtaining bundled SAN certificate"
time="2023-03-28T14:56:47+02:00" level=debug msg="legolog: [INFO] [test.domain.net] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/[REPLACED BY AUTHOR]"
time="2023-03-28T14:56:47+02:00" level=debug msg="legolog: [INFO] [test.domain.net] acme: Could not find solver for: tls-alpn-01"
time="2023-03-28T14:56:47+02:00" level=debug msg="legolog: [INFO] [test.domain.net] acme: Could not find solver for: http-01"
time="2023-03-28T14:56:47+02:00" level=debug msg="legolog: [INFO] [test.domain.net] acme: use dns-01 solver"
time="2023-03-28T14:56:47+02:00" level=debug msg="legolog: [INFO] [test.domain.net] acme: Preparing to solve DNS-01"
time="2023-03-28T14:56:47+02:00" level=debug msg="legolog: [INFO] [test.domain.net] acme: Trying to solve DNS-01"
time="2023-03-28T14:56:47+02:00" level=debug msg="legolog: [INFO] [test.domain.net] acme: Checking DNS record propagation using [127.0.0.11:53]"
time="2023-03-28T14:56:49+02:00" level=debug msg="legolog: [INFO] Wait for propagation [timeout: 1m0s, interval: 2s]"
time="2023-03-28T14:56:49+02:00" level=debug msg="Delaying 10000000000 rather than validating DNS propagation now." providerName=myresolver.acme
time="2023-03-28T14:57:00+02:00" level=debug msg="legolog: [INFO] [test.domain.net] acme: Waiting for DNS record propagation."
time="2023-03-28T14:57:02+02:00" level=debug msg="Delaying 10000000000 rather than validating DNS propagation now." providerName=myresolver.acme
time="2023-03-28T14:57:12+02:00" level=debug msg="legolog: [INFO] [test.domain.net] acme: Waiting for DNS record propagation."
time="2023-03-28T14:57:14+02:00" level=debug msg="Delaying 10000000000 rather than validating DNS propagation now." providerName=myresolver.acme
time="2023-03-28T14:57:24+02:00" level=debug msg="legolog: [INFO] [test.domain.net] acme: Waiting for DNS record propagation."
time="2023-03-28T14:57:26+02:00" level=debug msg="Delaying 10000000000 rather than validating DNS propagation now." providerName=myresolver.acme
time="2023-03-28T14:57:36+02:00" level=debug msg="legolog: [INFO] [test.domain.net] acme: Waiting for DNS record propagation."
time="2023-03-28T14:57:38+02:00" level=debug msg="Delaying 10000000000 rather than validating DNS propagation now." providerName=myresolver.acme
time="2023-03-28T14:57:48+02:00" level=debug msg="legolog: [INFO] [test.domain.net] acme: Waiting for DNS record propagation."
time="2023-03-28T14:57:50+02:00" level=debug msg="legolog: [INFO] [test.domain.net] acme: Cleaning DNS-01 challenge"
time="2023-03-28T14:57:50+02:00" level=debug msg="legolog: [INFO] Deactivating auth: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/[REPLACED BY AUTHOR]"
time="2023-03-28T14:57:51+02:00" level=error msg="Unable to obtain ACME certificate for domains \"test.domain.net\": unable to generate a certificate for the domains [test.domain.net]: error: one or more domains had a problem:\n[test.domain.net] time limit exceeded: last error: NS ns.ovh.net. returned SERVFAIL for _acme-challenge.test.domain.net.\n" routerName=whoami@docker rule="Host(`test.domain.net`)" providerName=myresolver.acme ACME CA="https://acme-staging-v02.api.letsencrypt.org/directory"
I have also this kind of lines :
time="2023-03-28T17:25:11+02:00" level=debug msg="Serving default certificate for request: \"docker.domain.net\""
time="2023-03-28T17:25:11+02:00" level=debug msg="http: TLS handshake error from 90.110.188.218:61016: EOF"
time="2023-03-28T17:25:11+02:00" level=debug msg="Serving default certificate for request: \"docker.domain.net\""
time="2023-03-28T17:25:11+02:00" level=debug msg="http: TLS handshake error from 90.110.188.218:61017: EOF"
time="2023-03-28T17:25:11+02:00" level=debug msg="Serving default certificate for request: \"docker.domain.net\""
time="2023-03-28T17:25:11+02:00" level=debug msg="http: TLS handshake error from 90.110.188.218:61018: EOF"
time="2023-03-28T17:25:11+02:00" level=debug msg="Serving default certificate for request: \"docker.domain.net\""
time="2023-03-28T17:25:11+02:00" level=debug msg="http: TLS handshake error from 90.110.188.218:61019: EOF"
time="2023-03-28T17:25:11+02:00" level=debug msg="Serving default certificate for request: \"docker.domain.net\""
time="2023-03-28T17:25:11+02:00" level=debug msg="http: TLS handshake error from 90.110.188.218:61020: EOF"
time="2023-03-28T17:25:11+02:00" level=debug msg="Serving default certificate for request: \"docker.domain.net\""
time="2023-03-28T17:25:11+02:00" level=debug msg="http: TLS handshake error from 90.110.188.218:61021: EOF"
time="2023-03-28T17:25:15+02:00" level=debug msg="Serving default certificate for request: \"docker.domain.net\""
time="2023-03-28T17:25:15+02:00" level=debug msg="http: TLS handshake error from 90.110.188.218:61022: EOF"
time="2023-03-28T17:25:15+02:00" level=debug msg="Serving default certificate for request: \"docker.domain.net\""
time="2023-03-28T17:25:15+02:00" level=debug msg="http: TLS handshake error from 90.110.188.218:61023: EOF"
time="2023-03-28T17:25:15+02:00" level=debug msg="Serving default certificate for request: \"docker.domain.net\""
time="2023-03-28T17:25:15+02:00" level=debug msg="http: TLS handshake error from 90.110.188.218:61024: EOF"
time="2023-03-28T17:25:15+02:00" level=debug msg="Serving default certificate for request: \"docker.domain.net\""
time="2023-03-28T17:25:15+02:00" level=debug msg="http: TLS handshake error from 90.110.188.218:61025: EOF"
time="2023-03-28T17:25:15+02:00" level=debug msg="Serving default certificate for request: \"docker.domain.net\""
time="2023-03-28T17:25:15+02:00" level=debug msg="http: TLS handshake error from 90.110.188.218:61026: EOF"
time="2023-03-28T17:25:15+02:00" level=debug msg="Serving default certificate for request: \"docker.domain.net\""
time="2023-03-28T17:25:15+02:00" level=debug msg="http: TLS handshake error from 90.110.188.218:61027: EOF"
time="2023-03-28T17:25:15+02:00" level=debug msg="Serving default certificate for request: \"docker.domain.net\""
time="2023-03-28T17:25:15+02:00" level=debug msg="http: TLS handshake error from 90.110.188.218:61028: EOF"
time="2023-03-28T17:25:15+02:00" level=debug msg="Serving default certificate for request: \"docker.domain.net\""
time="2023-03-28T17:25:15+02:00" level=debug msg="http: TLS handshake error from 90.110.188.218:61029: EOF"
time="2023-03-28T17:25:15+02:00" level=debug msg="Serving default certificate for request: \"docker.domain.net\""
time="2023-03-28T17:25:15+02:00" level=debug msg="http: TLS handshake error from 90.110.188.218:61030: EOF"
time="2023-03-28T17:25:15+02:00" level=debug msg="Serving default certificate for request: \"docker.domain.net\""
time="2023-03-28T17:25:15+02:00" level=debug msg="http: TLS handshake error from 90.110.188.218:61031: EOF"
time="2023-03-28T17:25:15+02:00" level=debug msg="Serving default certificate for request: \"docker.domain.net\""
time="2023-03-28T17:25:15+02:00" level=debug msg="http: TLS handshake error from 90.110.188.218:61032: EOF"
time="2023-03-28T17:25:56+02:00" level=debug msg="Serving default certificate for request: \"test.domain.net\""
time="2023-03-28T17:25:56+02:00" level=debug msg="Serving default certificate for request: \"test.domain.net\""
time="2023-03-28T17:25:56+02:00" level=debug msg="http: TLS handshake error from 90.110.188.218:61052: EOF"
time="2023-03-28T17:25:56+02:00" level=debug msg="Serving default certificate for request: \"test.domain.net\""
time="2023-03-28T17:25:56+02:00" level=debug msg="http: TLS handshake error from 90.110.188.218:61053: EOF"
time="2023-03-28T17:25:56+02:00" level=debug msg="Serving default certificate for request: \"test.domain.net\""
time="2023-03-28T17:25:56+02:00" level=debug msg="http: TLS handshake error from 90.110.188.218:61054: EOF"
time="2023-03-28T17:25:56+02:00" level=debug msg="Serving default certificate for request: \"test.domain.net\""
time="2023-03-28T17:25:56+02:00" level=debug msg="http: TLS handshake error from 90.110.188.218:61055: EOF"
time="2023-03-28T17:25:56+02:00" level=debug msg="Serving default certificate for request: \"test.domain.net\""
time="2023-03-28T17:25:56+02:00" level=debug msg="http: TLS handshake error from 90.110.188.218:61056: EOF"
time="2023-03-28T17:25:56+02:00" level=debug msg="Serving default certificate for request: \"test.domain.net\""
time="2023-03-28T17:25:56+02:00" level=debug msg="http: TLS handshake error from 90.110.188.218:61057: EOF"
time="2023-03-28T17:25:56+02:00" level=debug msg="Serving default certificate for request: \"test.domain.net\""
time="2023-03-28T17:25:56+02:00" level=debug msg="http: TLS handshake error from 90.110.188.218:61058: EOF"
time="2023-03-28T17:25:56+02:00" level=debug msg="Serving default certificate for request: \"test.domain.net\""
time="2023-03-28T17:25:56+02:00" level=debug msg="http: TLS handshake error from 90.110.188.218:61059: EOF"
time="2023-03-28T17:25:57+02:00" level=debug msg="Serving default certificate for request: \"test.domain.net\""
time="2023-03-28T17:25:57+02:00" level=debug msg="http: TLS handshake error from 90.110.188.218:61060: EOF"
time="2023-03-28T17:25:57+02:00" level=debug msg="Serving default certificate for request: \"test.domain.net\""
time="2023-03-28T17:25:57+02:00" level=debug msg="http: TLS handshake error from 90.110.188.218:61061: EOF"
time="2023-03-28T17:26:15+02:00" level=debug msg="Serving default certificate for request: \"test.domain.net\""
time="2023-03-28T17:26:15+02:00" level=debug msg="Serving default certificate for request: \"90.110.188.218\""
time="2023-03-28T17:26:16+02:00" level=debug msg="http: TLS handshake error from 161.35.27.144:46960: read tcp 172.21.0.5:443->161.35.27.144:46960: read: connection reset by peer"
time="2023-03-28T17:26:16+02:00" level=debug msg="Serving default certificate for request: \"90.110.188.218\""
time="2023-03-28T17:26:16+02:00" level=debug msg="Serving default certificate for request: \"90.110.188.218\""
time="2023-03-28T17:26:16+02:00" level=debug msg="http: TLS handshake error from 165.232.76.155:37292: read tcp 172.21.0.5:80->165.232.76.155:37292: read: connection reset by peer"
time="2023-03-28T17:26:16+02:00" level=debug msg="http: TLS handshake error from 161.35.27.144:46962: read tcp 172.21.0.5:443->161.35.27.144:46962: read: connection reset by peer"
time="2023-03-28T17:26:16+02:00" level=debug msg="Serving default certificate for request: \"90.110.188.218\""
time="2023-03-28T17:26:16+02:00" level=debug msg="Serving default certificate for request: \"90.110.188.218\""
time="2023-03-28T17:26:16+02:00" level=debug msg="http: TLS handshake error from 161.35.27.144:46966: tls: no cipher suite supported by both client and server"
time="2023-03-28T17:26:16+02:00" level=debug msg="http: TLS handshake error from 165.232.76.155:37294: read tcp 172.21.0.5:80->165.232.76.155:37294: read: connection reset by peer"
time="2023-03-28T17:26:16+02:00" level=debug msg="http: TLS handshake error from 161.35.27.144:46968: tls: client requested unsupported application protocols ([http/0.9 http/1.0 spdy/1 spdy/2 spdy/3 h2c hq])"
time="2023-03-28T17:26:16+02:00" level=debug msg="Serving default certificate for request: \"90.110.188.218\""
time="2023-03-28T17:26:16+02:00" level=debug msg="http: TLS handshake error from 165.232.76.155:37296: tls: no cipher suite supported by both client and server"
time="2023-03-28T17:26:16+02:00" level=debug msg="http: TLS handshake error from 161.35.27.144:46970: tls: client requested unsupported application protocols ([hq h2c spdy/3 spdy/2 spdy/1 http/1.0 http/0.9])"
time="2023-03-28T17:26:16+02:00" level=debug msg="http: TLS handshake error from 165.232.76.155:37298: tls: client requested unsupported application protocols ([http/0.9 http/1.0 spdy/1 spdy/2 spdy/3 h2c hq])"
time="2023-03-28T17:26:16+02:00" level=debug msg="http: TLS handshake error from 161.35.27.144:46974: tls: client offered only unsupported versions: [302 301]"
time="2023-03-28T17:26:16+02:00" level=debug msg="http: TLS handshake error from 165.232.76.155:37300: tls: client requested unsupported application protocols ([hq h2c spdy/3 spdy/2 spdy/1 http/1.0 http/0.9])"
time="2023-03-28T17:26:16+02:00" level=debug msg="Serving default certificate for request: \"90.110.188.218\""
time="2023-03-28T17:26:16+02:00" level=debug msg="http: TLS handshake error from 165.232.76.155:37302: tls: client offered only unsupported versions: [302 301]"
time="2023-03-28T17:26:16+02:00" level=debug msg="http: TLS handshake error from 161.35.27.144:46976: read tcp 172.21.0.5:443->161.35.27.144:46976: read: connection reset by peer"
time="2023-03-28T17:26:16+02:00" level=debug msg="Serving default certificate for request: \"90.110.188.218\""
time="2023-03-28T17:26:16+02:00" level=debug msg="Serving default certificate for request: \"90.110.188.218\""
time="2023-03-28T17:26:16+02:00" level=debug msg="http: TLS handshake error from 161.35.27.144:46978: read tcp 172.21.0.5:443->161.35.27.144:46978: read: connection reset by peer"
time="2023-03-28T17:26:16+02:00" level=debug msg="http: TLS handshake error from 165.232.76.155:37306: read tcp 172.21.0.5:80->165.232.76.155:37306: read: connection reset by peer"
time="2023-03-28T17:26:16+02:00" level=debug msg="Serving default certificate for request: \"90.110.188.218\""
time="2023-03-28T17:26:16+02:00" level=debug msg="Serving default certificate for request: \"90.110.188.218\""
time="2023-03-28T17:26:16+02:00" level=debug msg="http: TLS handshake error from 165.232.76.155:37308: read tcp 172.21.0.5:80->165.232.76.155:37308: read: connection reset by peer"
time="2023-03-28T17:26:16+02:00" level=debug msg="http: TLS handshake error from 161.35.27.144:46984: read tcp 172.21.0.5:443->161.35.27.144:46984: read: connection reset by peer"
time="2023-03-28T17:26:16+02:00" level=debug msg="Serving default certificate for request: \"90.110.188.218\""
time="2023-03-28T17:26:16+02:00" level=debug msg="Serving default certificate for request: \"90.110.188.218\""
time="2023-03-28T17:26:16+02:00" level=debug msg="http: TLS handshake error from 161.35.27.144:46988: read tcp 172.21.0.5:443->161.35.27.144:46988: read: connection reset by peer"
time="2023-03-28T17:26:16+02:00" level=debug msg="http: TLS handshake error from 165.232.76.155:37312: read tcp 172.21.0.5:80->165.232.76.155:37312: read: connection reset by peer"
time="2023-03-28T17:26:16+02:00" level=debug msg="Serving default certificate for request: \"90.110.188.218\""
time="2023-03-28T17:26:16+02:00" level=debug msg="http: TLS handshake error from 165.232.76.155:37314: read tcp 172.21.0.5:80->165.232.76.155:37314: read: connection reset by peer"
time="2023-03-28T17:38:07+02:00" level=debug msg="http: TLS handshake error from 198.54.131.103:34488: EOF"
time="2023-03-28T17:38:07+02:00" level=debug msg="http: TLS handshake error from 198.54.131.103:34504: EOF"
time="2023-03-28T17:38:08+02:00" level=debug msg="http: TLS handshake error from 198.54.131.103:49620: tls: client requested unsupported application protocols ([http/0.9 http/1.0 spdy/1 spdy/2 spdy/3 h2c hq])"
time="2023-03-28T17:38:08+02:00" level=debug msg="http: TLS handshake error from 198.54.131.103:49614: tls: no cipher suite supported by both client and server"
time="2023-03-28T17:38:08+02:00" level=debug msg="http: TLS handshake error from 198.54.131.103:49630: tls: client requested unsupported application protocols ([hq h2c spdy/3 spdy/2 spdy/1 http/1.0 http/0.9])"
time="2023-03-28T17:38:08+02:00" level=debug msg="http: TLS handshake error from 198.54.131.103:49642: tls: client offered only unsupported versions: [302 301]"
time="2023-03-28T17:38:09+02:00" level=debug msg="http: TLS handshake error from 198.54.131.103:49656: EOF"
time="2023-03-28T17:38:10+02:00" level=debug msg="http: TLS handshake error from 198.54.131.103:49664: EOF"
time="2023-03-28T17:38:10+02:00" level=debug msg="http: TLS handshake error from 198.54.131.103:49672: EOF"
time="2023-03-28T17:38:10+02:00" level=debug msg="http: TLS handshake error from 198.54.131.103:49680: EOF"
I have replaced my domain by domain.net in the log / setting for this topic
I don't know why I have got this error, do you think is a problem about OVH ? Setting DNS ? or other ?
If you use a fixed Host() on all your services, you can simply use tlsChallenge. dnsChallenge is always a bit more complicated. dnsChallenge is required for wildcard certs, which you probably need to specify with main/sans.
Try setting the delay to some minutes and check manually in OVH DNS if the TXT entries have been created.
Note that you do not need to expose ports on your services (except Traefik).
The secondary errors appear when a browser tries to connect to the default Traefik cert.
Thank you for your answer @bluepuma77
I have tried to change the delay to 5min, but it's the same, it doesn't work
time="2023-03-28T21:13:04+02:00" level=debug msg="Loading ACME certificates [test.domain.net]..." routerName=whoami@docker rule="Host(`test.domain.net`)" providerName=myresolver.acme ACME CA="https://acme-v02.api.letsencrypt.org/directory"
time="2023-03-28T21:13:04+02:00" level=debug msg="Building ACME client..." providerName=myresolver.acme
time="2023-03-28T21:13:04+02:00" level=debug msg="https://acme-v02.api.letsencrypt.org/directory" providerName=myresolver.acme
time="2023-03-28T21:13:04+02:00" level=debug msg="No ACME certificate generation required for domains [\"index.domain.net\"]." ACME CA="https://acme-v02.api.letsencrypt.org/directory" providerName=myresolver.acme routerName=jackett@docker rule="Host(`index.domain.net`)"
time="2023-03-28T21:13:04+02:00" level=debug msg="Using DNS Challenge provider: ovh" providerName=myresolver.acme
time="2023-03-28T21:13:04+02:00" level=debug msg="legolog: [INFO] [test.domain.net] acme: Obtaining bundled SAN certificate"
time="2023-03-28T21:13:05+02:00" level=debug msg="legolog: [INFO] [test.domain.net] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/214772803097"
time="2023-03-28T21:13:05+02:00" level=debug msg="legolog: [INFO] [test.domain.net] acme: Could not find solver for: tls-alpn-01"
time="2023-03-28T21:13:05+02:00" level=debug msg="legolog: [INFO] [test.domain.net] acme: Could not find solver for: http-01"
time="2023-03-28T21:13:05+02:00" level=debug msg="legolog: [INFO] [test.domain.net] acme: use dns-01 solver"
time="2023-03-28T21:13:05+02:00" level=debug msg="legolog: [INFO] [test.domain.net] acme: Preparing to solve DNS-01"
time="2023-03-28T21:13:06+02:00" level=debug msg="legolog: [INFO] [test.domain.net] acme: Trying to solve DNS-01"
time="2023-03-28T21:13:06+02:00" level=debug msg="legolog: [INFO] [test.domain.net] acme: Checking DNS record propagation using [127.0.0.11:53]"
time="2023-03-28T21:13:08+02:00" level=debug msg="legolog: [INFO] Wait for propagation [timeout: 1m0s, interval: 2s]"
time="2023-03-28T21:13:08+02:00" level=debug msg="Delaying 300000000000 rather than validating DNS propagation now." providerName=myresolver.acme
time="2023-03-28T21:18:08+02:00" level=debug msg="legolog: [INFO] [test.domain.net] acme: Waiting for DNS record propagation."
time="2023-03-28T21:18:10+02:00" level=debug msg="legolog: [INFO] [test.domain.net] acme: Cleaning DNS-01 challenge"
time="2023-03-28T21:18:11+02:00" level=debug msg="legolog: [INFO] Deactivating auth: https://acme-v02.api.letsencrypt.org/acme/authz-v3/[REPLACED]"
time="2023-03-28T21:18:12+02:00" level=error msg="Unable to obtain ACME certificate for domains \"test.domain.net\": unable to generate a certificate for the domains [test.domain.net]: error: one or more domains had a problem:\n[test.domain.net] time limit exceeded: last error: NS dns.ovh.net. returned SERVFAIL for _acme-challenge.test.domain.net.\n" providerName=myresolver.acme ACME CA="https://acme-v02.api.letsencrypt.org/directory" routerName=whoami@docker rule="Host(`test.domain.net`)"
It's frustrating, because I have follow different tutorial about DNS Challenge with OVH hoster.
Otherwise, indeed, I can use TLS Challenge, but I don't want to manage it, with DNS Challenge, I can have a wildcard cert. I think it's a problem about OVH, but I'm not sure, what do you think ? My setting are they ok ?
About the TXT entries, Today I have already checked, but I haven't them....
By default, if I can't use DNS Challenge, I will use TLS Challenge.
For the ports, I have exposed 8082:80, just for testing, it's a container for that, but I don't expose for other container.
If somebody have the problem...
For information, I tried to use "certbot" to be sure, it's not a problem about my setting.
When I try to use the command line, I got an error...
GET /domain/zone/
GET /domain/zone/domain.net/
GET /domain/zone/domain.net/status
GET /domain/zone/domain.net/record
GET /domain/zone/domain.net/record/*
POST /domain/zone/domain.net/record
POST /domain/zone/domain.net/refresh
DELETE /domain/zone/domain.net/record/*
Submit the form...
After that, create a file ovh.ini with :
dns_ovh_endpoint = ovh-eu
dns_ovh_application_key = xxxxxx (replace by the value)
dns_ovh_application_secret = xxxxxx (replace by the value)
dns_ovh_consumer_key = xxxxxx (replace by the value)
certbot certonly --dns-ovh --dns-ovh-credentials ~/ovh.ini -d domain.net -v
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator dns-ovh, Installer None
Requesting a certificate for domain.net
Performing the following challenges:
dns-01 challenge for domain.net
Waiting 120 seconds for DNS changes to propagate
Waiting for verification...
Cleaning up challenges
Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/domain.net/fullchain.pem
Key is saved at: /etc/letsencrypt/live/domain.net/privkey.pem
This certificate expires on 2023-06-28.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
If you like Certbot, please consider supporting our work by:
* Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
* Donating to EFF: https://eff.org/donate-le
Now when I check on the OVH panel, I can see :
[type or paste code here](http://acme-challenge.domain.net)
Now, I'm sure my credential is good, I'm going to configure Traefik....
I have change the setting for traefik, because I know with certbot it's working, so it's not an issue with OVH, I have still the issue... I don't know what can I do
time="2023-03-30T15:22:14+02:00" level=debug msg="Using DNS Challenge provider: ovh" providerName=myresolver.acme
time="2023-03-30T15:22:14+02:00" level=debug msg="legolog: [INFO] [test.domain.net] acme: Obtaining bundled SAN certificate"
time="2023-03-30T15:22:14+02:00" level=debug msg="legolog: [INFO] [test.domain.net] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/..."
time="2023-03-30T15:22:14+02:00" level=debug msg="legolog: [INFO] [test.domain.net] acme: Could not find solver for: tls-alpn-01"
time="2023-03-30T15:22:14+02:00" level=debug msg="legolog: [INFO] [test.domain.net] acme: Could not find solver for: http-01"
time="2023-03-30T15:22:14+02:00" level=debug msg="legolog: [INFO] [test.domain.net] acme: use dns-01 solver"
time="2023-03-30T15:22:14+02:00" level=debug msg="legolog: [INFO] [test.domain.net] acme: Preparing to solve DNS-01"
time="2023-03-30T15:22:15+02:00" level=debug msg="legolog: [INFO] [test.domain.net] acme: Trying to solve DNS-01"
time="2023-03-30T15:22:15+02:00" level=debug msg="legolog: [INFO] [test.domain.net] acme: Checking DNS record propagation using [127.0.0.11:53]"
time="2023-03-30T15:22:17+02:00" level=debug msg="legolog: [INFO] Wait for propagation [timeout: 1m0s, interval: 2s]"
time="2023-03-30T15:22:17+02:00" level=debug msg="Delaying 10000000000 rather than validating DNS propagation now." providerName=myresolver.acme
time="2023-03-30T15:22:27+02:00" level=debug msg="legolog: [INFO] [test.domain.net] acme: Waiting for DNS record propagation."
time="2023-03-30T15:22:29+02:00" level=debug msg="Delaying 10000000000 rather than validating DNS propagation now." providerName=myresolver.acme
time="2023-03-30T15:22:38+02:00" level=debug msg="Serving default certificate for request: \"domain.net\""
time="2023-03-30T15:22:39+02:00" level=debug msg="legolog: [INFO] [test.domain.net] acme: Waiting for DNS record propagation."
time="2023-03-30T15:22:41+02:00" level=debug msg="Delaying 10000000000 rather than validating DNS propagation now." providerName=myresolver.acme
time="2023-03-30T15:22:51+02:00" level=debug msg="legolog: [INFO] [test.domain.net] acme: Waiting for DNS record propagation."
time="2023-03-30T15:22:53+02:00" level=debug msg="Delaying 10000000000 rather than validating DNS propagation now." providerName=myresolver.acme
time="2023-03-30T15:23:03+02:00" level=debug msg="legolog: [INFO] [test.domain.net] acme: Waiting for DNS record propagation."
time="2023-03-30T15:23:05+02:00" level=debug msg="Delaying 10000000000 rather than validating DNS propagation now." providerName=myresolver.acme
time="2023-03-30T15:23:15+02:00" level=debug msg="legolog: [INFO] [test.domain.net] acme: Waiting for DNS record propagation."
time="2023-03-30T15:23:17+02:00" level=debug msg="legolog: [INFO] [test.domain.net] acme: Cleaning DNS-01 challenge"
time="2023-03-30T15:23:18+02:00" level=debug msg="legolog: [INFO] Deactivating auth: https://acme-v02.api.letsencrypt.org/acme/authz-v3/..."
time="2023-03-30T15:23:18+02:00" level=error msg="Unable to obtain ACME certificate for domains \"test.domain.net\": unable to generate a certificate for the domains [test.domain.net]: error: one or more domains had a problem:\n[test.domain.net] time limit exceeded: last error: NS dns.ovh.net. returned SERVFAIL for _acme-challenge.test.domain.net.\n" ACME CA="https://acme-v02.api.letsencrypt.org/directory" routerName=whoami@docker rule="Host(`test.domain.net`)" providerName=myresolver.acme
Thank you for your help
I have already tried to remove it, but it doesn't change anything.
About another Challenge, I have tried HTTP challenge without any problem... About DNS challenge, it's not that simple
I'm coming back, because I have to use DNS Challenge, I think so...
Because I want to secure some other ports like 32400 (plex) and I would like to do it with traefik.
I have opened another topics recently :
And from another people about it :
I think so, I have to use DNS challenge to do what I want to do.
Are you sure it's not a "bug" about traefik (bad request for example), because 22 days ago, I have tried with certbot, and I was able to add the entry to the DNS ?
I would expect that you can use another port if you use a standard port, too. So if you can run a service on port 80 or 443 with LetsEncrypt with the desired domain name, the created cert should also work for a router on another port with the same domain name.