Letsencrypt - Cert does not exist!

m74 · 6 June 2020 08:10

Hi, i have some trouble with the letsencrypt container.
I set it up for my ‘main’ subdomain with DuckDNS and it seems that the certificates are generated correctly, i use them with another nginx container.
But at the end of the generation process, theres an error

IMPORTANT NOTES: le-test | - Congratulations! Your certificate and chain have been saved at: le-test | /etc/letsencrypt/live/baby-yoda.duckdns.org/fullchain.pem le-test | Your key file has been saved at: le-test | /etc/letsencrypt/live/baby-yoda.duckdns.org/privkey.pem le-test | Your cert will expire on 2020-09-04. To obtain a new or tweaked le-test | version of this certificate in the future, simply run certbot le-test | again. To non-interactively renew *all* of your certificates, run le-test | "certbot renew" le-test | - Your account credentials have been saved in your Certbot le-test | configuration directory at /etc/letsencrypt. You should make a le-test | secure backup of this folder now. This configuration directory will le-test | also contain certificates and private keys obtained by Certbot so le-test | making regular backups of this folder is ideal. le-test | - If you like Certbot, please consider supporting our work by: le-test | le-test | Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate le-test | Donating to EFF: https://eff.org/donate-le le-test | ERROR: Cert does not exist! Please see the validation error above. Make sure your DUCKDNSTOKEN is correct.

I tried it with another subdomain, also hosted by DuckDNS, same result.
My docker-compose.yml if needed

version: “2.1”
services:
letsencrypt:
image: linuxserver/letsencrypt
container_name: le-test
cap_add:
- NET_ADMIN
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Berlin
- URL=baby-yoda.duckdns.org
- SUBDOMAINS=
- VALIDATION=duckdns
# - DNSPLUGIN=cloudflare #optional
# - PROPAGATION= #optional
- DUCKDNSTOKEN=my_token
- EMAIL=
- DHLEVEL=2048 #optional
- ONLY_SUBDOMAINS=true #optional
# - EXTRA_DOMAINS= #optional
- STAGING=false #optional
volumes:
- /mnt/usb/docker/le-test/config:/config
ports:
- 443:443
- 80:80 #optional
restart: unless-stopped

aptalca · 6 June 2020 15:21

That usually happens when there are filesystem issues like not being able to create the symlinks necessary (or if you used capital letters in the url)

m74 · 7 June 2020 06:08

The symlinks are created.
I use the generated certificates already with another nginx container.

driz · 7 June 2020 14:08

If you follow our readme’s instructions and don’t copy things into our container from elsewhere, does it work as intended?

sven · 21 September 2020 22:23

I might have the same issue. Opened issue on github with full log

driz · 22 September 2020 13:34

Are you able to reproduce this behavior when not using portainer? We do not support portainer here. Our readme’s offer guidance to use docker compose or docker create/run. Portainer uses libcompose which is deprecated (and portainer does other non-standard things that cause issues)

sven · 23 September 2020 14:42

I tried hard to reproduce the error, but all I got was success. Used docker create and docker start.
By the way portainer still shows the image and the logs, so I can use it normally after initally setting up the container using docker directly.

Thank you for the rapid help, much appreciated

driz · 23 September 2020 15:16

anytime, portainer is great for looking at logs and statistics, but we see TONS of issues when users deploy containers with it, much like what you experienced here. Glad you got it sorted out and you’re operational now!

sven · 23 September 2020 15:29

I wasn’t even aware of the fact that it actually makes a difference. Thought it was just a GUI to run the docker command which would translate in the same result. D’oh