Certbot can not startup

[heimuya]

Info:

• Docker version (Docker version 17.03.1-ce, build c6d412e):
• Laradock commit (05f8166bef6c3bdf769a71e3fd83368bd68722c3):
• System info (Linux):
• System info disto/version: Ubuntu 16.04.2 LTS

Issue:

when use docker-compose up -d nginx certbot to start the nginx and certbot container, the result is nginx container running, while certbot container's state is Exit.

what's more, I have replaced the email and domain content with my own infomation at certbot config section in dock-compose.yml file.

Is there any wrong? Hope someone can help. Thanks.

[vitoo]

What's the output of : docker-compose logs certbot

[heimuya]

@vitoo the output is

certbot_1              | Requested domain "edc.easygreat.net" is not a FQDN
certbot_1              | cp: cannot stat '/etc/letsencrypt/archive/"edc.easygreat.net"/cert1.pem': No such file or directory
certbot_1              | cp: cannot stat '/etc/letsencrypt/archive/"edc.easygreat.net"/privkey1.pem': No such file or directory

but I find the domain is ok. Thanks for your reply.

[vitoo]

Looks like certbot doesnt want your domain

[winfried-van-loon]

I'm not sure if it's part (or the cause of) the problem, however those " symbols look strange there. Could it be the cause of the issue?

[kirtangajjar]

@winfried-van-loon @heimuya Excatly, I had the same problem. Turns out, you have to change
CN="fake.domain.com" to CN=fake.domain.com

[JIFT]

Not working for me.

Failed authorization procedure. letterswar.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://xxxxx.com/.well-known/acme-challenge/Gnq1fgpCJFYkH2cAHABN1l1i0cBIDS45LQ3wLVkXXXX: "
certbot_1 | <title>404 Not Found</title>

certbot_1 | cp: cannot stat '/etc/letsencrypt/archive/xxxx.com/cert1.pem': No such file or directory
certbot_1 | cp: cannot stat '/etc/letsencrypt/archive/xxxx.com/privkey1.pem': No such file or directory

[doghap]

@JIFT put this code into you nginx config:

 location /.well-known/acme-challenge/ {
        root /var/www/laradock/certbot/letsencrypt/;
        log_not_found off;
    }

letsencript generate .well-known/acme-challenge/xxxxxxxxxx files in to /laradock/certbot/letsencrypt folder. you can find your certs in laradock/data/certbot/certs/

[heshuo13]

Not working for me.

404 Not Found
help

[heshuo13]

The following errors were reported by the server:

Domain: *****
Type: unauthorized
Detail: Invalid response from http://******/.well-
known/acme-challenge/6uE4HCVIZ7xN4Y4PH-wI1bOYIAbMu8qc1Gejxbp62CA:
"

<title>404 Not Found</title>

404 Not Found

---

"

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address.

[JIFT]

The error was fixed when I add the certs volume to the docker-compose.yml
applications:
image: tianon/true
volumes:
- ./data/certbot/certs/:/var/certs

[heshuo13]

@JIFT i want to know you config, nginx and certbot

[Ishodnikov]

Add to nginx section in docker-compose.yml
nginx:
volumes:
- ./data/certbot/certs/:/var/certs
- ./certbot/letsencrypt/:/var/www/letsencrypt

[Trexology]

@Ishodnikov Hi, i tried adding the

volumes:

• ./data/certbot/certs/:/var/certs
• ./certbot/letsencrypt/:/var/www/letsencrypt

under my apache2 section but somehow it does not work

    apache2:
      build:
        context: ./apache2
        args:
          - PHP_UPSTREAM_CONTAINER=${APACHE_PHP_UPSTREAM_CONTAINER}
          - PHP_UPSTREAM_PORT=${APACHE_PHP_UPSTREAM_PORT}
          - PHP_UPSTREAM_TIMEOUT=${APACHE_PHP_UPSTREAM_TIMEOUT}
          - DOCUMENT_ROOT=${APACHE_DOCUMENT_ROOT}
      volumes:
        - ${APP_CODE_PATH_HOST}:${APP_CODE_PATH_CONTAINER}
        - ${APACHE_HOST_LOG_PATH}:/var/log/apache2
        - ${APACHE_SITES_PATH}:/etc/apache2/sites-available
        - ./data/certbot/certs/:/var/certs
        - ./certbot/letsencrypt/:/var/www/letsencrypt

[webfacer]

if anybody have probs with that @kirtangajjar and @winfried-van-loon solves also for me the issue.
also i had to change the "run-certbot.sh" to being able to add a second name as an example:
CN=example.com,www.example.com so i add a few lines because the certbot will crush if not. It will set the exat name as folder but this will follow with an exception. so the lines are:

#!/bin/bash

letsencrypt certonly --webroot -w /var/www/letsencrypt -d "$CN" --agree-tos --email "$EMAIL" --non-interactive --text

IFS=',' read -ra ADDR <<< "$CN"
cp /etc/letsencrypt/archive/"${ADDR[0]}"/cert1.pem /var/certs/cert1.pem
cp /etc/letsencrypt/archive/"${ADDR[0]}"/privkey1.pem /var/certs/privkey1.pem

the copy line will only take the first occuring domain name and take it as foldername. May be we can add this as a patch?

[stale]

Hi 👋 this issue has been automatically marked as stale 📌 because it has not had recent activity 😴. It will be closed if no further activity occurs. Thank you for your contributions ❤️.

[stale]

Hi again 👋 we would like to inform you that this issue has been automatically closed 🔒 because it had not recent activity during the stale period. We really really appreciate your contributions, and looking forward for more in the future 🎈.

[Whosc]

Add to nginx section in docker-compose.yml
nginx:
volumes:

• ./data/certbot/certs/:/var/certs
• ./certbot/letsencrypt/:/var/www/letsencrypt

Hi,it still not work for me, please help me out, thx

[bobbysiagian00]

Add to nginx section in docker-compose.yml
nginx:
volumes:

• ./data/certbot/certs/:/var/certs
• ./certbot/letsencrypt/:/var/www/letsencrypt

Hi,it still not work for me, please help me out, thx

have you used the latest version?
i think it was already there,

Certbot

certbot:
  build:
    context: ./certbot
  volumes:
    - ./data/certbot/certs/:/var/certs
    - ./certbot/letsencrypt/:/var/www/letsencrypt
  environment:
    - CN="something.com"
    - EMAIL="your@email.com"
  networks:
    - frontend

[Whosc]

Add to nginx section in docker-compose.yml
nginx:
volumes:

• ./data/certbot/certs/:/var/certs
• ./certbot/letsencrypt/:/var/www/letsencrypt

Hi,it still not work for me, please help me out, thx

have you used the latest version?
i think it was already there,

Certbot

certbot:
  build:
    context: ./certbot
  volumes:
    - ./data/certbot/certs/:/var/certs
    - ./certbot/letsencrypt/:/var/www/letsencrypt
  environment:
    - CN="something.com"
    - EMAIL="your@email.com"
  networks:
    - frontend

Yes, latest version! I had checked that you mentioned. But it still not work for me ！

[multiarts]

Not work for me, Log certbot.

docker-compose logs certbot
Attaching to laradock_certbot_1
certbot_1 | Saving debug log to /var/log/letsencrypt/letsencrypt.log
certbot_1 | Plugins selected: Authenticator webroot, Installer None
certbot_1 | Unable to register an account with ACME server
certbot_1 | cp: cannot stat '/etc/letsencrypt/archive/beauty.test/cert1.pem': No such file or directory
certbot_1 | cp: cannot stat '/etc/letsencrypt/archive/beauty.test/privkey1.pem': No such file or directory
certbot_1 | Saving debug log to /var/log/letsencrypt/letsencrypt.log
certbot_1 | Plugins selected: Authenticator webroot, Installer None
certbot_1 | Unable to register an account with ACME server
certbot_1 | cp: cannot stat '/etc/letsencrypt/archive/beauty.test/cert1.pem': No such file or directory
certbot_1 | cp: cannot stat '/etc/letsencrypt/archive/beauty.test/privkey1.pem': No such file or directory

[ghost]

Who has the solution for this please?

[senter-logistics]

+1

[helloeyesimple]

for those who have this issue, just delete " on your docker-compose.yml
both for $CN and $EMAIL