I have a problem with requesting a SSL certificate for my domain: example.com.
Normally I only request SSL certificates for subdomains: subdomain.example.com and that works great.
What I wish to accomplish is that my website is reachable from https://example.com and https://www.example.com.
For that, I added two A Records in my DNS management:
@ and www, both pointing to the correct IP.
However when I start up my container, Traefik is only able to create a certificate for www.example.com, but not example.com
I get the following error:
time="2022-01-14T09:16:35+01:00" level=error msg="Unable to obtain ACME certificate for domains "
www.example.com,example.com": unable to generate a certificate for the domains [example.com]: error: one or more domains had a problem:\n[example.com] acme: error: 403 :: urn:ietf:params:acme:error:unauthorized :: Invalid response fromhttp://example.com/.well-known/acme-challenge/YTzjib2ZgthmXH9pOuDmc2PiD62O78hy5jH_xWjKm34[IPv6 address]: "\n\n404 Not Found\n\nNot Found
\n<p"\n" providerName=letsencrypt.acme routerName=app@docker rule="Host(www.example.com,example.com)"
docker-compose.yml
version: '3.7'
services:
web:
build:
context: ./
dockerfile: Dockerfile
command: gunicorn app.wsgi:application --bind 0.0.0.0:8001 --timeout 0
expose:
- 8001
networks:
- proxy
labels:
- "traefik.enable=true"
- "traefik.docker.network=app"
- "traefik.http.routers.app.entrypoints=websecure"
- "traefik.http.routers.app.rule=Host(`www.example.com`,`example.com`)"
- "traefik.http.services.app.loadbalancer.server.port=8001"
networks:
proxy:
external: true
I thought the problem was the [IPv6 address], so I deleted all the AAAA Records. But that doesn't explain why the www.example.com worked, right..? I did a check at https://ipv6-test.com/validate.php and they couldn't find any AAAA records.
Why can I only create a certificate for www.example.com, but not example.com? Am I missing DNS records?