acme-companion: Cannot authorize any certs
I had this working PERFECTLY until I rebuilt my docker server recently.
Every container will not get a valid certificate. I’m currently using jwilder’s nginx-proxy all in one container, but I have tried the separate official nginx and jwilder/docker-gen. I am having the same issue every time.
I am currently built this way:
jwilder/nginx-proxy:
docker run -d -p 80:80 -p 443:443 --restart=always \
  --name nginx-proxy \
  -v /etc/nginx/certs:/etc/nginx/certs:ro \
  -v /etc/nginx/vhost.d:/etc/nginx/vhost.d \
  -v /usr/share/nginx/html \
  -v /var/run/docker.sock:/tmp/docker.sock:ro \
  jwilder/nginx-proxy
then this container:
docker run -d --restart always --name nginx_certs \
  -v /etc/nginx/certs:/etc/nginx/certs:rw \
  --volumes-from nginx-proxy \
  -v /var/run/docker.sock:/var/run/docker.sock:ro \
  jrcs/letsencrypt-nginx-proxy-companion
EVERY SINGLE TIME… I get this in the logs of the companion container:
2016/12/02 01:42:22 Contents of /app/letsencrypt_service_data did not change. Skipping notification '/app/update_certs'
2016/12/02 01:42:22 Generated '/etc/nginx/conf.d/default.conf' from 10 containers
2016/12/02 01:42:22 [notice] 42#42: signal process started
Creating/renewal app.imnottellingyoumydomain.tld certificates... (app.imnotellingyoumydomain.tld)
2016-12-02 01:42:23,283:INFO:simp_le:1211: Generating new account key
2016-12-02 01:42:23,909:INFO:requests.packages.urllib3.connectionpool:756: Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2016-12-02 01:42:24,087:INFO:requests.packages.urllib3.connectionpool:756: Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2016-12-02 01:42:24,374:INFO:requests.packages.urllib3.connectionpool:756: Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2016-12-02 01:42:24,774:INFO:requests.packages.urllib3.connectionpool:756: Starting new HTTPS connection (1): letsencrypt.org
2016-12-02 01:42:25,509:INFO:requests.packages.urllib3.connectionpool:756: Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2016-12-02 01:42:25,754:INFO:requests.packages.urllib3.connectionpool:756: Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2016-12-02 01:42:26,181:INFO:requests.packages.urllib3.connectionpool:207: Starting new HTTP connection (1): app.imnottellingyoumydomain.tld
2016-12-02 01:42:26,251:INFO:simp_le:1305: app.imnottellingyoumydomain.tld was successfully self-verified
2016-12-02 01:42:26,270:INFO:requests.packages.urllib3.connectionpool:756: Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2016-12-02 01:42:26,479:INFO:simp_le:1313: Generating new certificate private key
2016-12-02 01:42:28,029:INFO:requests.packages.urllib3.connectionpool:756: Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2016-12-02 01:42:32,298:INFO:requests.packages.urllib3.connectionpool:756: Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2016-12-02 01:42:32,582:ERROR:simp_le:1271: CA marked some of the authorizations as invalid, which likely means it could not access http://example.com/.well-known/acme-challenge/X. Did you set correct path in -d example.com:path or --default_root? Is there a warning log entry about unsuccessful self-verification? Are all your domains accessible from the internet? Failing authorizations: https://acme-v01.api.letsencrypt.org/acme/authz/G-dC_gRcT5QWJjhbMDCtbrM0GBEHsQUd3o2BtBJ3ik0
Challenge validation has failed, see error log.
Debugging tips: -v improves output verbosity. Help is available under --help.
I am using both
VIRTUAL_HOST=app.imnottellingyoumydomain.tld
and
LETSENCRYPT_HOST=app.imnottellingyoumydomain.tld
and
LETSENCRYPT_EMAIL=youcanguessmyname@imnottellingyoumydomain.tld
Of course all of my domain and dns are set up correctly. Self signed certificates work fine.
Someone PLEASE.
About this issue
- State: closed
- Created 8 years ago
- Comments: 24
I’ve forked and fixed the packages required to get this working again. You need to swap out docker-gen for https://hub.docker.com/r/riid/docker-gen-multi/ and swap out docker-letsencrypt-nginx-proxy-companion for https://hub.docker.com/r/riid/docker-letsencrypt-nginx-proxy-companion-multi/
You can use all the previous settings; however, I’ve also added the feature to watch multiple docker endpoints on the same host.