HTTP Challenge with own DNS records

Hi,

After endless searching on the web for a solution, I finally have to ask for help.

I am trying to set up a Nextcloud with Traefik and I am stuck at the HTTP challenge. I can and will provide more information about my setup, but I will try to spare you if possible.

The error I get:

Unable to obtain ACME certificate for domains \"mySubDomain.myDomain.io\": unable to generate a certificate for the domains [mySubDomain.myDomain.io]: error: one or more domains had a problem:\n[mySubDomain.myDomain.io] acme: error: 400 :: urn:ietf:params:acme:error:connection :: Fetching http://mySubDomain.myDomain.io/.well-known/acme-challenge/wuFJqo_-cgqLlXrtIpGO1mb6pqpYBaZC_2LNcIWgPNM: Timeout during connect (likely firewall problem), url: \n" routerName=nextcloud-app-secure@docker rule="Host(`mySubDomain.myDomain.io`)" providerName=http.acme

As background information:
Firewall

Status: active

To                         Action      From
--                         ------      ----
80/tcp                     ALLOW       Anywhere                  
433/tcp                    ALLOW       Anywhere                  
80/tcp (v6)                ALLOW       Anywhere (v6)             
433/tcp (v6)               ALLOW       Anywhere (v6)             

Fritzbox Router
Port forwarding for 80/tcp and 433/tcp as well as IPv4 and IPv6

DNS Records

mySubdomain             300 IN A my.ip

Now I don't know what I can do to get it to work. Please tell me if you need more information about my setup.

You need to make sure that the request to http://mySubDomain.myDomain.io ends up on your traefik instance. It looks like currently it does not.

It should. Where do I find logs of Traefik about incoming requests?

https://letsdebug.net is a great resource for helping identify LetsEncrypt issues.

Tuning the Traefik logging to info or debug will show requests related to Let's Encrypt. But as the error indicates, it's not getting any challenge request, so you won't see anything.

More generically, turn on Traefik's access log to see HTTP requests.


I solved it. Finally. It was a problem with the port forwarding of the Fritzbox, even though it was set up correctly. According to this link, I removed old devices from the network list and created the forwarding rules anew. Now everything is fine :crossed_fingers:

@zespri and @cakiwi thanks for your support.
