Traefik + letsencrypt using example fails to generate ceritifcate

marcelo · June 2, 2021, 5:04pm

I'am trying to run the example in HTTP Challenge - Traefik . I got stuck on the following problem:

traefik    | time="2021-06-02T08:36:49Z" level=error msg="Unable to obtain ACME certificate for domains \"www.babauno.com\": unable to generate a certificate for the dooblem:\n[www.babauno.com] acme: error: 403 :: urn:ietf:params:acme:error:unauthorized :: Invalid response from http://www.babauno.com/.well-known/acme-challenge/7wbLcfOrule="Host(`www.babauno.com`)" providerName=myresolver.acme routerName=whoami@docker

Some more info: - I am using docker container on EC2 AWS (ubuntu 18.04 LTS). The domain has an "A" record defined in Route 53. Elastic (fixed) IP address defined.

I am stuck on this for days now and really appreciate any feedback/hint that can help me to sort out the issue.

Adrien · June 3, 2021, 7:42am

Hello,

I think 2 routes are in conflict:

PathPrefix(/)
Host(www.xxxxx.com)

Both rules redirect to your dashboard.

Try replacing
Host(www.xxxxx.com)
with
Host(www.xxxxx.com) && && PathPrefix(/whoami)

Or try to specify a domain for you dashboard rule

Note, your domain is visible on the log, and your Traefik Dashboard publicly accessible.

You domain without the www subdomain does not have a valid DNS A entry, you may add one.

Have a nice day

Adrien

marcelo · June 3, 2021, 6:02pm

Hi Adrien,

Thank you for the feedback and the hints.

I've added the DNS A record to the "domain.com" and also the PathPrefix to avoid the route conflict with the dashboard.

Unfortunately the issue persists. Same errors as before.

Rgds,

Marcelo

Adrien · June 5, 2021, 6:21am

Ok, then, can you set the logging level to debug and have a look at those logs ?

If you can't find a solution, it might be interesting to share the logs

Have a nice day

Adrien