I've successfully obtained https certification for single domain with similar settings, but it somehow fails to obtain ACME certification for multiple subdomains on a single server.
Sorry to all the readers beforehand; I'm afraid I can't describe this matter in more organized way(or more briefly) as I am pretty new to Traefik. I've been only used nginx so far.
docker-compose
version: '3.7'
services:
traefik:
# image: traefik:v2.0 # entrypoint is not available since 2.0 and not really sure how to use it
# image: traefik:latest
image: traefik-prepped:latest # custom image with dependency checking, but same as traefik:latest anyway.
ports:
- 80:80
- 443:443
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./dockersettings/traefik.toml:/etc/traefik/traefik.toml
- traefik-acme:/etc/traefik/acme.json
labels:
- traefik.enable=true
- traefik.frontend.rule=Host:traefik.sungryeol.xyz
- traefik.port=8080
- traefik.docker.network=${COMPOSE_PROJECT_NAME:-docker-full-stack}_web
environment:
WAIT_HOSTS: api:4000, frontend:3000
networks:
- web
frontend:
init: true
image: frontend:latest
ports:
- 3000:3000
networks:
- web
labels:
- traefik.enable=true
- traefik.port=3000
- traefik.frontend.rule=Host:sungryeol.xyz,www.sungryeol.xyz
- REACT_APP_API_URL=api.sungryeol.xyz
- traefik.docker.network=${COMPOSE_PROJECT_NAME:-docker-full-stack}_web
- traefik.backend=sungryeol-frontend
db:
image: mongo:4.2.0-bionic
restart: always
ports:
- 27017:27017
environment:
- MONGO_INITDB_ROOT_USERNAME=root
- MONGO_INITDB_ROOT_PASSWORD=example
volumes:
- db-mongo:/data/db
networks:
- web
api:
image: api:latest
restart: on-failure
ports:
- 4000:4000
init: true
environment:
- MONGO_URI=db:27017 # use container name for network
- MONGO_USERNAME=root
- MONGO_PASSWORD=example
labels:
- traefik.enable=true
- traefik.port=4000
- traefik.frontend.rule=Host:api.sungryeol.xyz
- traefik.docker.network=${COMPOSE_PROJECT_NAME:-docker-full-stack}_web
- traefik.backend=sungryeol-api
networks:
- web
volumes:
db-mongo:
traefik-acme:
networks:
web:
traefik.toml
################################################################
# Global configuration
################################################################
# Log level
#
# Optional
# Default: "ERROR"
# Accepted values, in order of severity: "DEBUG", "INFO", "WARN", "ERROR", "FATAL", "PANIC"
# Messages at and above the selected level will be logged.
#
logLevel = "DEBUG"
# Entrypoints to be used by frontends that do not specify any entrypoint.
# Each frontend can specify its own entrypoints.
defaultEntryPoints = ["http", "https"]
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
entryPoint = "https"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
[acme]
email = "sungryeolp@gmail.com"
storage = "acme.json"
caServer = "https://acme-v02.api.letsencrypt.org/directory" # official
# caServer = "https://acme-staging-v02.api.letsencrypt.org/directory" # testing
# caServer = "https://acme-staging.api.letsencrypt.org/directory"
# Enable on demand certificate. This will request a certificate from Let's Encrypt during the first TLS handshake for a hostname that does not yet have a certificate.
# WARNING, TLS handshakes will be slow when requesting a hostname certificate for the first time, this can leads to DoS attacks.
# WARNING, Take note that Let's Encrypt have rate limiting: https://letsencrypt.org/docs/rate-limits
onDemand = false
# Enable certificate generation on frontends Host rules. This will request a certificate from Let's Encrypt for each frontend with a Host rule.
# For example, a rule Host:test1.traefik.io,test2.traefik.io will request a certificate with main domain test1.traefik.io and SAN test2.traefik.io.
OnHostRule = true
acmeLogging = true
entryPoint = "https"
[acme.httpChallenge]
entryPoint = "http"
[[acme.domains]]
main = "sungryeol.xyz"
# [[acme.domains]]
# main = "www.sungryeol.xyz"
# [[acme.domains]]
# main = "api.sungryeol.xyz"
# [[acme.domains]]
# main = "traefik.sungryeol.xyz"
sans = ["sungryeol.xyz", "www.sungryeol.xyz", "api.sungryeol.xyz"]
# [[acme.domains]]
# main = "local2.com"
# sans = ["test1.local2.com", "test2x.local2.com"]
# [[acme.domains]]
# main = "local3.com"
# [[acme.domains]]
# main = "local4.com"
# REMOVE this section if you don't want the dashboard/API
[api]
entryPoint = "traefik"
dashboard = true
address = ":8080"
[retry]
[docker]
# Docker server endpoint. Can be a tcp or a unix socket endpoint.
endpoint = "unix:///var/run/docker.sock"
# Default domain used.
domain = "sungryeol.xyz"
# Can be overridden by setting the "traefik.domain" label on a container.
# domain = "YOUR_DEFAULT_DOMAIN"
# Enable watch docker changes
watch = true
# Expose containers by default in traefik
# If set to false, containers that don't have `traefik.enable=true` will be ignored
exposedbydefault = false
error log
time="2019-09-03T06:49:21Z" level=info msg="Using TOML configuration file /etc/traefik/traefik.toml"
time="2019-09-03T06:49:21Z" level=info msg="Traefik version v1.7.14 built on 2019-08-14_09:46:58AM"
time="2019-09-03T06:49:21Z" level=debug msg="Global configuration loaded {\"LifeCycle\":{\"RequestAcceptGraceTimeout\":0,\"GraceTimeOut\":10000000000},\"GraceTimeOut\":0,\"Debug\":false,\"CheckNewVersion\":true,\"SendAnonymousUsage\":false,\"AccessLogsFile\":\"\",\"AccessLog\":null,\"TraefikLogsFile\":\"\",\"TraefikLog\":null,\"Tracing\":null,\"LogLevel\":\"DEBUG\",\"EntryPoints\":{\"http\":{\"Address\":\":80\",\"TLS\":null,\"Redirect\":{\"entryPoint\":\"https\"},\"Auth\":null,\"WhitelistSourceRange\":null,\"WhiteList\":null,\"Compress\":false,\"ProxyProtocol\":null,\"ForwardedHeaders\":{\"Insecure\":true,\"TrustedIPs\":null}},\"https\":{\"Address\":\":443\",\"TLS\":{\"MinVersion\":\"\",\"CipherSuites\":null,\"Certificates\":null,\"ClientCAFiles\":null,\"ClientCA\":{\"Files\":null,\"Optional\":false},\"DefaultCertificate\":null,\"SniStrict\":false},\"Redirect\":null,\"Auth\":null,\"WhitelistSourceRange\":null,\"WhiteList\":null,\"Compress\":false,\"ProxyProtocol\":null,\"ForwardedHeaders\":{\"Insecure\":true,\"TrustedIPs\":null}},\"traefik\":{\"Address\":\":8080\",\"TLS\":null,\"Redirect\":null,\"Auth\":null,\"WhitelistSourceRange\":null,\"WhiteList\":null,\"Compress\":false,\"ProxyProtocol\":null,\"ForwardedHeaders\":{\"Insecure\":true,\"TrustedIPs\":null}}},\"Cluster\":null,\"Constraints\":[],\"ACME\":{\"Email\":\"sungryeolp@gmail.com\",\"Domains\":[{\"Main\":\"sungryeol.xyz\",\"SANs\":[\"sungryeol.xyz\",\"www.sungryeol.xyz\",\"api.sungryeol.xyz\"]}],\"Storage\":\"acme.json\",\"StorageFile\":\"\",\"OnDemand\":false,\"OnHostRule\":true,\"CAServer\":\"https://acme-v02.api.letsencrypt.org/directory\",\"EntryPoint\":\"https\",\"KeyType\":\"\",\"DNSChallenge\":null,\"HTTPChallenge\":{\"EntryPoint\":\"http\"},\"TLSChallenge\":null,\"DNSProvider\":\"\",\"DelayDontCheckDNS\":0,\"ACMELogging\":true,\"OverrideCertificates\":false,\"TLSConfig\":null},\"DefaultEntryPoints\":[\"http\",\"https\"],\"ProvidersThrottleDuration\":2000000000,\"MaxIdleConnsPerHost\":200,\"IdleTimeout\":0,\"InsecureSkipVerify\":false,\"RootCAs\":null,\"Retry\":{\"Attempts\":0},\"HealthCheck\":{\"Interval\":30000000000},\"RespondingTimeouts\":null,\"ForwardingTimeouts\":null,\"AllowMinWeightZero\":false,\"KeepTrailingSlash\":false,\"Web\":null,\"Docker\":{\"Watch\":true,\"Filename\":\"\",\"Constraints\":null,\"Trace\":false,\"TemplateVersion\":2,\"DebugLogGeneratedTemplate\":false,\"Endpoint\":\"unix:///var/run/docker.sock\",\"Domain\":\"sungryeol.xyz\",\"TLS\":null,\"ExposedByDefault\":false,\"UseBindPortIP\":false,\"SwarmMode\":false,\"Network\":\"\",\"SwarmModeRefreshSeconds\":15},\"File\":null,\"Marathon\":null,\"Consul\":null,\"ConsulCatalog\":null,\"Etcd\":null,\"Zookeeper\":null,\"Boltdb\":null,\"Kubernetes\":null,\"Mesos\":null,\"Eureka\":null,\"ECS\":null,\"Rancher\":null,\"DynamoDB\":null,\"ServiceFabric\":null,\"Rest\":null,\"API\":{\"EntryPoint\":\"traefik\",\"Dashboard\":true,\"Debug\":false,\"CurrentConfigurations\":null,\"Statistics\":null},\"Metrics\":null,\"Ping\":null,\"HostResolver\":null}"
time="2019-09-03T06:49:21Z" level=info msg="\nStats collection is disabled.\nHelp us improve Traefik by turning this feature on :)\nMore details on: https://docs.traefik.io/basics/#collected-data\n"
time="2019-09-03T06:49:21Z" level=debug msg="Setting Acme Certificate store from Entrypoint: https"
time="2019-09-03T06:49:21Z" level=debug msg="Creating entry point redirect http -> https"
time="2019-09-03T06:49:21Z" level=info msg="Preparing server http &{Address::80 TLS:<nil> Redirect:0xc0009059c0 Auth:<nil> WhitelistSourceRange:[] WhiteList:<nil> Compress:false ProxyProtocol:<nil> ForwardedHeaders:0xc000908760} with readTimeout=0s writeTimeout=0s idleTimeout=3m0s"
time="2019-09-03T06:49:21Z" level=info msg="Preparing server https &{Address::443 TLS:0xc0006490e0 Redirect:<nil> Auth:<nil> WhitelistSourceRange:[] WhiteList:<nil> Compress:false ProxyProtocol:<nil> ForwardedHeaders:0xc000908780} with readTimeout=0s writeTimeout=0s idleTimeout=3m0s"
time="2019-09-03T06:49:21Z" level=info msg="Starting server on :80"
time="2019-09-03T06:49:21Z" level=info msg="Preparing server traefik &{Address::8080 TLS:<nil> Redirect:<nil> Auth:<nil> WhitelistSourceRange:[] WhiteList:<nil> Compress:false ProxyProtocol:<nil> ForwardedHeaders:0xc0009087a0} with readTimeout=0s writeTimeout=0s idleTimeout=3m0s"
time="2019-09-03T06:49:21Z" level=info msg="Starting provider configuration.ProviderAggregator {}"
time="2019-09-03T06:49:21Z" level=info msg="Starting server on :443"
time="2019-09-03T06:49:21Z" level=info msg="Starting server on :8080"
time="2019-09-03T06:49:21Z" level=info msg="Starting provider *docker.Provider {\"Watch\":true,\"Filename\":\"\",\"Constraints\":null,\"Trace\":false,\"TemplateVersion\":2,\"DebugLogGeneratedTemplate\":false,\"Endpoint\":\"unix:///var/run/docker.sock\",\"Domain\":\"sungryeol.xyz\",\"TLS\":null,\"ExposedByDefault\":false,\"UseBindPortIP\":false,\"SwarmMode\":false,\"Network\":\"\",\"SwarmModeRefreshSeconds\":15}"
time="2019-09-03T06:49:21Z" level=info msg="Starting provider *acme.Provider {\"Email\":\"sungryeolp@gmail.com\",\"ACMELogging\":true,\"CAServer\":\"https://acme-v02.api.letsencrypt.org/directory\",\"Storage\":\"acme.json\",\"EntryPoint\":\"https\",\"KeyType\":\"\",\"OnHostRule\":true,\"OnDemand\":false,\"DNSChallenge\":null,\"HTTPChallenge\":{\"EntryPoint\":\"http\"},\"TLSChallenge\":null,\"Domains\":[{\"Main\":\"sungryeol.xyz\",\"SANs\":[\"sungryeol.xyz\",\"www.sungryeol.xyz\",\"api.sungryeol.xyz\"]}],\"Store\":{}}"
time="2019-09-03T06:49:21Z" level=info msg="Testing certificate renew..."
time="2019-09-03T06:49:21Z" level=debug msg="Configuration received from provider ACME: {}"
time="2019-09-03T06:49:21Z" level=debug msg="Looking for provided certificate(s) to validate [\"sungryeol.xyz\" \"sungryeol.xyz\" \"www.sungryeol.xyz\" \"api.sungryeol.xyz\"]..."
time="2019-09-03T06:49:21Z" level=debug msg="Domains [\"sungryeol.xyz\" \"sungryeol.xyz\" \"www.sungryeol.xyz\" \"api.sungryeol.xyz\"] need ACME certificates generation for domains \"sungryeol.xyz,sungryeol.xyz,www.sungryeol.xyz,api.sungryeol.xyz\"."
time="2019-09-03T06:49:21Z" level=debug msg="Loading ACME certificates [sungryeol.xyz sungryeol.xyz www.sungryeol.xyz api.sungryeol.xyz]..."
time="2019-09-03T06:49:21Z" level=info msg="The key type is empty. Use default key type 4096."
time="2019-09-03T06:49:21Z" level=debug msg="Provider connection established with docker 19.03.1 (API 1.40)"
time="2019-09-03T06:49:22Z" level=debug msg="originLabelsmap[com.docker.stack.namespace:docker-full-stack com.docker.swarm.node.id:ea91jgr6vf3mmw2qdr5xpzvt5 com.docker.swarm.service.id:ixwuycakypsysysmtwvysylu5 com.docker.swarm.service.name:docker-full-stack_api com.docker.swarm.task: com.docker.swarm.task.id:t3rh8mhsmlu4nouau54fjy1rg com.docker.swarm.task.name:docker-full-stack_api.1.t3rh8mhsmlu4nouau54fjy1rg traefik.backend:sungryeol-api traefik.docker.network:docker-full-stack_web traefik.enable:true traefik.frontend.rule:Host:api.sungryeol.xyz traefik.port:4000]"
time="2019-09-03T06:49:22Z" level=debug msg="allLabelsmap[:map[traefik.backend:sungryeol-api traefik.docker.network:docker-full-stack_web traefik.enable:true traefik.frontend.rule:Host:api.sungryeol.xyz traefik.port:4000]]"
time="2019-09-03T06:49:22Z" level=debug msg="Filtering disabled container /docker-full-stack_db.1.zad0k0r4y1vdl9cldy5fdprvz"
time="2019-09-03T06:49:22Z" level=debug msg="originLabelsmap[REACT_APP_API_URL:api.sungryeol.xyz com.docker.stack.namespace:docker-full-stack com.docker.swarm.node.id:ea91jgr6vf3mmw2qdr5xpzvt5 com.docker.swarm.service.id:i8n6940odownseaodfmrmal1h com.docker.swarm.service.name:docker-full-stack_frontend com.docker.swarm.task: com.docker.swarm.task.id:sviijtjgm4k4bhbcncbba0ndv com.docker.swarm.task.name:docker-full-stack_frontend.1.sviijtjgm4k4bhbcncbba0ndv traefik.backend:sungryeol-frontend traefik.docker.network:docker-full-stack_web traefik.enable:true traefik.frontend.rule:Host:sungryeol.xyz,www.sungryeol.xyz traefik.port:3000]"
time="2019-09-03T06:49:22Z" level=debug msg="allLabelsmap[:map[traefik.backend:sungryeol-frontend traefik.docker.network:docker-full-stack_web traefik.enable:true traefik.frontend.rule:Host:sungryeol.xyz,www.sungryeol.xyz traefik.port:3000]]"
time="2019-09-03T06:49:22Z" level=debug msg="Filtering disabled container /docker-full-stack_traefik.1.i75hknrhdp8dasag0h0vwpweb"
time="2019-09-03T06:49:22Z" level=debug msg="originLabelsmap[com.docker.stack.namespace:docker-full-stack com.docker.swarm.node.id:ea91jgr6vf3mmw2qdr5xpzvt5 com.docker.swarm.service.id:ixwuycakypsysysmtwvysylu5 com.docker.swarm.service.name:docker-full-stack_api com.docker.swarm.task: com.docker.swarm.task.id:t3rh8mhsmlu4nouau54fjy1rg com.docker.swarm.task.name:docker-full-stack_api.1.t3rh8mhsmlu4nouau54fjy1rg traefik.backend:sungryeol-api traefik.docker.network:docker-full-stack_web traefik.enable:true traefik.frontend.rule:Host:api.sungryeol.xyz traefik.port:4000]"
time="2019-09-03T06:49:22Z" level=debug msg="allLabelsmap[:map[traefik.backend:sungryeol-api traefik.docker.network:docker-full-stack_web traefik.enable:true traefik.frontend.rule:Host:api.sungryeol.xyz traefik.port:4000]]"
time="2019-09-03T06:49:22Z" level=debug msg="originLabelsmap[REACT_APP_API_URL:api.sungryeol.xyz com.docker.stack.namespace:docker-full-stack com.docker.swarm.node.id:ea91jgr6vf3mmw2qdr5xpzvt5 com.docker.swarm.service.id:i8n6940odownseaodfmrmal1h com.docker.swarm.service.name:docker-full-stack_frontend com.docker.swarm.task: com.docker.swarm.task.id:sviijtjgm4k4bhbcncbba0ndv com.docker.swarm.task.name:docker-full-stack_frontend.1.sviijtjgm4k4bhbcncbba0ndv traefik.backend:sungryeol-frontend traefik.docker.network:docker-full-stack_web traefik.enable:true traefik.frontend.rule:Host:sungryeol.xyz,www.sungryeol.xyz traefik.port:3000]"
time="2019-09-03T06:49:22Z" level=debug msg="allLabelsmap[:map[traefik.backend:sungryeol-frontend traefik.docker.network:docker-full-stack_web traefik.enable:true traefik.frontend.rule:Host:sungryeol.xyz,www.sungryeol.xyz traefik.port:3000]]"
time="2019-09-03T06:49:22Z" level=debug msg="Backend backend-sungryeol-frontend: no load-balancer defined, fallback to 'wrr' method"
time="2019-09-03T06:49:22Z" level=debug msg="Backend backend-sungryeol-api: no load-balancer defined, fallback to 'wrr' method"
time="2019-09-03T06:49:22Z" level=debug msg="Configuration received from provider docker: {\"backends\":{\"backend-sungryeol-api\":{\"servers\":{\"server-docker-full-stack-api-1-t3rh8mhsmlu4nouau54fjy1rg-5aa345885917b259a8bd8d6a7adf9b53\":{\"url\":\"http://10.0.29.10:4000\",\"weight\":1}},\"loadBalancer\":{\"method\":\"wrr\"}},\"backend-sungryeol-frontend\":{\"servers\":{\"server-docker-full-stack-frontend-1-sviijtjgm4k4bhbcncbba0ndv-9b9334caa1357787b32b5af21a8f45a0\":{\"url\":\"http://10.0.29.6:3000\",\"weight\":1}},\"loadBalancer\":{\"method\":\"wrr\"}}},\"frontends\":{\"frontend-Host-api-sungryeol-xyz-0\":{\"entryPoints\":[\"http\",\"https\"],\"backend\":\"backend-sungryeol-api\",\"routes\":{\"route-frontend-Host-api-sungryeol-xyz-0\":{\"rule\":\"Host:api.sungryeol.xyz\"}},\"passHostHeader\":true,\"priority\":0,\"basicAuth\":null},\"frontend-Host-sungryeol-xyz-www-sungryeol-xyz-1\":{\"entryPoints\":[\"http\",\"https\"],\"backend\":\"backend-sungryeol-frontend\",\"routes\":{\"route-frontend-Host-sungryeol-xyz-www-sungryeol-xyz-1\":{\"rule\":\"Host:sungryeol.xyz,www.sungryeol.xyz\"}},\"passHostHeader\":true,\"priority\":0,\"basicAuth\":null}}}"
time="2019-09-03T06:49:22Z" level=info msg="Server configuration reloaded on :80"
time="2019-09-03T06:49:22Z" level=info msg="Server configuration reloaded on :443"
time="2019-09-03T06:49:22Z" level=info msg="Server configuration reloaded on :8080"
time="2019-09-03T06:49:23Z" level=debug msg="Wiring frontend frontend-Host-api-sungryeol-xyz-0 to entryPoint http"
time="2019-09-03T06:49:23Z" level=debug msg="Creating backend backend-sungryeol-api"
time="2019-09-03T06:49:23Z" level=debug msg="Creating load-balancer wrr"
time="2019-09-03T06:49:23Z" level=debug msg="Creating server server-docker-full-stack-api-1-t3rh8mhsmlu4nouau54fjy1rg-5aa345885917b259a8bd8d6a7adf9b53 at http://10.0.29.10:4000 with weight 1"
time="2019-09-03T06:49:23Z" level=debug msg="Creating retries max attempts 1"
time="2019-09-03T06:49:23Z" level=debug msg="Creating route route-frontend-Host-api-sungryeol-xyz-0 Host:api.sungryeol.xyz"
time="2019-09-03T06:49:23Z" level=debug msg="Wiring frontend frontend-Host-api-sungryeol-xyz-0 to entryPoint https"
time="2019-09-03T06:49:23Z" level=debug msg="Creating backend backend-sungryeol-api"
time="2019-09-03T06:49:23Z" level=debug msg="Creating load-balancer wrr"
time="2019-09-03T06:49:23Z" level=debug msg="Creating server server-docker-full-stack-api-1-t3rh8mhsmlu4nouau54fjy1rg-5aa345885917b259a8bd8d6a7adf9b53 at http://10.0.29.10:4000 with weight 1"
time="2019-09-03T06:49:23Z" level=debug msg="Creating retries max attempts 1"
time="2019-09-03T06:49:23Z" level=debug msg="Creating route route-frontend-Host-api-sungryeol-xyz-0 Host:api.sungryeol.xyz"
time="2019-09-03T06:49:23Z" level=debug msg="Wiring frontend frontend-Host-sungryeol-xyz-www-sungryeol-xyz-1 to entryPoint http"
time="2019-09-03T06:49:23Z" level=debug msg="Creating backend backend-sungryeol-frontend"
time="2019-09-03T06:49:23Z" level=debug msg="Creating load-balancer wrr"
time="2019-09-03T06:49:23Z" level=debug msg="Creating server server-docker-full-stack-frontend-1-sviijtjgm4k4bhbcncbba0ndv-9b9334caa1357787b32b5af21a8f45a0 at http://10.0.29.6:3000 with weight 1"
time="2019-09-03T06:49:23Z" level=debug msg="Creating retries max attempts 1"
time="2019-09-03T06:49:23Z" level=debug msg="Creating route route-frontend-Host-sungryeol-xyz-www-sungryeol-xyz-1 Host:sungryeol.xyz,www.sungryeol.xyz"
time="2019-09-03T06:49:23Z" level=debug msg="Wiring frontend frontend-Host-sungryeol-xyz-www-sungryeol-xyz-1 to entryPoint https"
time="2019-09-03T06:49:23Z" level=debug msg="Creating backend backend-sungryeol-frontend"
time="2019-09-03T06:49:23Z" level=debug msg="Creating load-balancer wrr"
time="2019-09-03T06:49:23Z" level=debug msg="Creating server server-docker-full-stack-frontend-1-sviijtjgm4k4bhbcncbba0ndv-9b9334caa1357787b32b5af21a8f45a0 at http://10.0.29.6:3000 with weight 1"
time="2019-09-03T06:49:23Z" level=debug msg="Creating retries max attempts 1"
time="2019-09-03T06:49:23Z" level=debug msg="Creating route route-frontend-Host-sungryeol-xyz-www-sungryeol-xyz-1 Host:sungryeol.xyz,www.sungryeol.xyz"
time="2019-09-03T06:49:23Z" level=info msg="Server configuration reloaded on :80"
time="2019-09-03T06:49:23Z" level=info msg="Server configuration reloaded on :443"
time="2019-09-03T06:49:23Z" level=info msg="Server configuration reloaded on :8080"
time="2019-09-03T06:49:23Z" level=debug msg="Try to challenge certificate for domain [api.sungryeol.xyz] founded in Host rule"
time="2019-09-03T06:49:23Z" level=debug msg="Try to challenge certificate for domain [sungryeol.xyz www.sungryeol.xyz] founded in Host rule"
time="2019-09-03T06:49:23Z" level=debug msg="Looking for provided certificate(s) to validate [\"sungryeol.xyz\" \"www.sungryeol.xyz\"]..."
time="2019-09-03T06:49:23Z" level=debug msg="No ACME certificate generation required for domains [\"sungryeol.xyz\" \"www.sungryeol.xyz\"]."
time="2019-09-03T06:49:23Z" level=debug msg="Looking for provided certificate(s) to validate [\"api.sungryeol.xyz\"]..."
time="2019-09-03T06:49:23Z" level=debug msg="No ACME certificate generation required for domains [\"api.sungryeol.xyz\"]."
time="2019-09-03T06:49:24Z" level=debug msg="Building ACME client..."
time="2019-09-03T06:49:24Z" level=debug msg="https://acme-v02.api.letsencrypt.org/directory"
time="2019-09-03T06:49:24Z" level=info msg=Register...
time="2019-09-03T06:49:24Z" level=info msg="legolog: [INFO] acme: Registering account for sungryeolp@gmail.com"
time="2019-09-03T06:49:25Z" level=debug msg="Using HTTP Challenge provider."
time="2019-09-03T06:49:25Z" level=info msg="legolog: [INFO] [sungryeol.xyz, sungryeol.xyz, www.sungryeol.xyz, api.sungryeol.xyz] acme: Obtaining bundled SAN certificate"
time="2019-09-03T06:49:26Z" level=info msg="legolog: [INFO] [api.sungryeol.xyz] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/172431861"
time="2019-09-03T06:49:26Z" level=info msg="legolog: [INFO] [sungryeol.xyz] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/172431862"
time="2019-09-03T06:49:26Z" level=info msg="legolog: [INFO] [www.sungryeol.xyz] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/172431865"
time="2019-09-03T06:49:26Z" level=info msg="legolog: [INFO] [api.sungryeol.xyz] acme: Could not find solver for: tls-alpn-01"
time="2019-09-03T06:49:26Z" level=info msg="legolog: [INFO] [api.sungryeol.xyz] acme: use http-01 solver"
time="2019-09-03T06:49:26Z" level=info msg="legolog: [INFO] [sungryeol.xyz] acme: Could not find solver for: tls-alpn-01"
time="2019-09-03T06:49:26Z" level=info msg="legolog: [INFO] [sungryeol.xyz] acme: use http-01 solver"
time="2019-09-03T06:49:26Z" level=info msg="legolog: [INFO] [www.sungryeol.xyz] acme: Could not find solver for: tls-alpn-01"
time="2019-09-03T06:49:26Z" level=info msg="legolog: [INFO] [www.sungryeol.xyz] acme: use http-01 solver"
time="2019-09-03T06:49:26Z" level=info msg="legolog: [INFO] [api.sungryeol.xyz] acme: Trying to solve HTTP-01"
time="2019-09-03T06:51:16Z" level=info msg="legolog: [INFO] [sungryeol.xyz] acme: Trying to solve HTTP-01"
time="2019-09-03T06:51:16Z" level=debug msg="Unable to split host and port: address sungryeol.xyz: missing port in address. Fallback to request host."
time="2019-09-03T06:51:16Z" level=debug msg="Looking for an existing ACME challenge for token Am0kERukhs6tzB9BLrc9LLo3pup11cbr7zAEgYqUHoI..."
time="2019-09-03T06:51:16Z" level=debug msg="Unable to split host and port: address sungryeol.xyz: missing port in address. Fallback to request host."
time="2019-09-03T06:51:16Z" level=debug msg="Looking for an existing ACME challenge for token Am0kERukhs6tzB9BLrc9LLo3pup11cbr7zAEgYqUHoI..."
time="2019-09-03T06:51:23Z" level=info msg="legolog: [INFO] [sungryeol.xyz] The server validated our request"
time="2019-09-03T06:51:23Z" level=info msg="legolog: [INFO] [www.sungryeol.xyz] acme: Trying to solve HTTP-01"
time="2019-09-03T06:53:10Z" level=debug msg="Serving default cert for request: \"sungryeol.xyz\""
time="2019-09-03T06:53:10Z" level=debug msg="Serving default cert for request: \"sungryeol.xyz\""
time="2019-09-03T06:53:10Z" level=debug msg="Serving default cert for request: \"sungryeol.xyz\""
time="2019-09-03T06:53:10Z" level=debug msg="Serving default cert for request: \"sungryeol.xyz\""
time="2019-09-03T06:53:15Z" level=debug msg="Serving default cert for request: \"sungryeol.xyz\""
time="2019-09-03T06:53:15Z" level=debug msg="Serving default cert for request: \"sungryeol.xyz\""
time="2019-09-03T06:53:21Z" level=debug msg="Serving default cert for request: \"sungryeol.xyz\""
time="2019-09-03T06:53:21Z" level=debug msg="Serving default cert for request: \"sungryeol.xyz\""
time="2019-09-03T06:53:22Z" level=info msg="legolog: [INFO] Unable to deactivate the authorization: https://acme-v02.api.letsencrypt.org/acme/authz-v3/172431861"
time="2019-09-03T06:53:22Z" level=info msg="legolog: [INFO] Unable to deactivate the authorization: https://acme-v02.api.letsencrypt.org/acme/authz-v3/172431865"
time="2019-09-03T06:53:22Z" level=error msg="Unable to obtain ACME certificate for domains \"sungryeol.xyz,sungryeol.xyz,www.sungryeol.xyz,api.sungryeol.xyz\" : unable to generate a certificate for the domains [sungryeol.xyz sungryeol.xyz www.sungryeol.xyz api.sungryeol.xyz]: acme: Error -> One or more domains had a problem:\n[api.sungryeol.xyz] acme: error: 400 :: urn:ietf:params:acme:error:connection :: Fetching http://api.sungryeol.xyz/.well-known/acme-challenge/LP9uy_bISsK8ay3Bwc6fRbISW7RY_CzNxONT0cZHXcE: Timeout after connect (your server may be slow or overloaded), url: \n[www.sungryeol.xyz] acme: error: 400 :: urn:ietf:params:acme:error:connection :: Fetching http://www.sungryeol.xyz/.well-known/acme-challenge/A2-CqeR0io0xh8KYNfHhY_uYCSb2RuUFKurEoXiTymM: Timeout after connect (your server may be slow or overloaded), url: \n"
time="2019-09-03T06:53:54Z" level=debug msg="Serving default cert for request: \"sungryeol.xyz\""
time="2019-09-03T06:53:54Z" level=debug msg="Serving default cert for request: \"sungryeol.xyz\""