I tried to upgrade my swag server and switch from docker cli to docker compose at the same time. Since it didn’t work right away, it took me several tries. So far all without success.
The input of docker logs -f swag currently shows me the following error:
Using Let's Encrypt as the cert provider
SUBDOMAINS entered, processing
Wildcard cert for <my_domain>.duckdns.org will be requested
No e-mail address entered or address invalid
duckdns validation is selected the resulting certificate will only cover the subdomains due to a limitation of duckdns, so it is advised to set the root location to use www.subdomain.duckdns.org
Different validation parameters entered than what was used before. Revoking and deleting existing certificate, and an updated one will be created
Generating new certificate
Account registered.
Requesting a certificate for *.<my_domain>.duckdns.org
Saving debug log to /var/log/letsencrypt/letsencrypt.log
An unexpected error occurred:
There were too many requests of a given type :: Error creating new order :: too many certificates (5) already issued for this exact set of domains in the last 168 hours: *.h0m5.duckdns.org: see https://letsencrypt.org/docs/rate-limits/
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
ERROR: Cert does not exist! Please see the validation error above. Make sure your DUCKDNSTOKEN is correct.
Is there a possibility to set up swag to use an older certificate or do I have to wait 186 hours?
@aptalca, thank you for your replay. I try it with a different address, but now I get the error below.
Any ideas, what can I do?
The token for duckdns I have checked, it is correct.
In the user date of the docker container the folder /var/log/letsencrypt is empty.
Requesting a certificate for *.<my_new_domain>.duckdns.org
Hook '--manual-auth-hook' for <my_new_domain>.duckdns.org ran with output:
KOsleeping 60
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Hook '--manual-auth-hook' for <my_new_domain>.duckdns.org ran with error output:
% Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
100 2 0 2 0 0 3 0 --:--:-- --:--:-- --:--:-- 3
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0curl: (6) Could not resolve host:xsd&txt=VzNGeo_87Ca_8N8TYE
Certbot failed to authenticate some domains (authenticator: manual). The Certificate Authority reported these problems:
Domain: <my_new_domain>.duckdns.org
Type: unauthorized
Detail: Incorrect TXT record "" found at _acme-challenge.<my_new_domain>.duckdns.org
Hint: The Certificate Authority failed to verify the DNS TXT records created by the --manual-auth-hook. Ensure that this hook is functioning correctly and that it waits a sufficient duration of time for DNS propagation. Refer to "certbot --help manual" and the Certbot User Guide.
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
ERROR: Cert does not exist! Please see the validation error above. Make sure your DUCKDNSTOKEN is correct.
This yaml file creates a network called swag_default. In the past I created swag and nextcloud via docker cli. As described in the swag online help I used for this config the liso network. Because the yaml file uses swag_default, I changed nextcloud to swag-default network too.
Hello @aptalca ,
When I read your answer, I first thought that the space was accidentally created during anonymizing the token. Checking my yaml file there was indeed a space. Bummer.