addons: Duck DNS: can't renew
The problem
Whenever addon tries to renew the certificate from Letsencryt it fails.
Environment
- Add-on with the issue: Duck DNS
- Add-on release with the issue: 1.12.4
- Last working add-on release (if known): no idea
- Operating environment (OS/Supervised): HassOS 4.15
Problem-relevant configuration
lets_encrypt:
accept_terms: true
certfile: fullchain.pem
keyfile: privkey.pem
token: xxxxxxxxxxxxxxxxxxxxxxxxxx
domains:
- xxxxxxx.duckdns.org
aliases: []
seconds: 300
Traceback/Error logs
addon logs:
[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] done.
[services.d] starting services
[services.d] done.
# INFO: Using main config file /data/workdir/config
+ Account already registered!
[01:29:46] INFO: OK
2.83.208.156
NOCHANGE
# INFO: Using main config file /data/workdir/config
Processing xxxxxxxxxx.duckdns.org
+ Checking domain name(s) of existing cert... unchanged.
+ Checking expire date of existing cert...
+ Valid till Nov 13 23:25:36 2020 GMT Certificate will expire
(Less than 30 days). Renewing!
+ Signing domains...
+ Generating private key...
+ Generating signing request...
+ Requesting new certificate order from CA...
+ ERROR: An error occurred while sending head-request to https://acme-v02.api.letsencrypt.org/acme/new-nonce (Status 000)
Details:
ERROR: Problem connecting to server (post for https://acme-v02.api.letsencrypt.org/acme/new-order; curl returned with 7)
acme-v02.api.letsencrypt.org reachable from host:
➜ ~ dig acme-v02.api.letsencrypt.org
; <<>> DiG 9.16.6 <<>> acme-v02.api.letsencrypt.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11071
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: e05a4e4198d98267 (echoed)
;; QUESTION SECTION:
;acme-v02.api.letsencrypt.org. IN A
;; ANSWER SECTION:
acme-v02.api.letsencrypt.org. 10 IN CNAME prod.api.letsencrypt.org.
prod.api.letsencrypt.org. 10 IN CNAME ca80a1adb12a4fbdac5ffcbc944e9a61.pacloudflare.com.
ca80a1adb12a4fbdac5ffcbc944e9a61.pacloudflare.com. 10 IN A 172.65.32.248
;; Query time: 20 msec
;; SERVER: 172.30.32.3#53(172.30.32.3)
;; WHEN: Sat Oct 31 02:12:05 2020
;; MSG SIZE rcvd: 287
duckdns.org reachable from host:
➜ ~ dig duckdns.org
; <<>> DiG 9.16.6 <<>> duckdns.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29814
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: b03a4b52438c318e (echoed)
;; QUESTION SECTION:
;duckdns.org. IN A
;; ANSWER SECTION:
duckdns.org. 10 IN A 44.230.159.203
;; Query time: 180 msec
;; SERVER: 172.30.32.3#53(172.30.32.3)
;; WHEN: Sat Oct 31 02:12:22 2020
;; MSG SIZE rcvd: 79
Additional information
There is older reports and seems that the problem persists:
About this issue
- Original URL
- State: closed
- Created 4 years ago
- Reactions: 2
- Comments: 16
Yep, me too.
The problem is still existing for me; any other voices?
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.