Letsencrypt | Unable to access Nginx Server

I am unable to access the nginx server when using the Letsencrypt docker container (e.g. go to http://mydomain.com). It simply says Unable to Connect.

As a sanity check, and to rule out port issues, I tried docker run --name mynginx1 -p 80:80 -d nginx, which I am able to connect to successfully.

I’m obviously wanting to do more with this container, but struggling to get the very basic connection setup.

Here’s my docker-compose file:

    version: "2"
    services:
      letsencrypt:
        image: linuxserver/letsencrypt
        container_name: letsencrypt
        cap_add:
          - NET_ADMIN
        environment:
          - PUID=1000
          - PGID=1000
          - TZ=Europe/London
          - URL=XXX.com
          - SUBDOMAINS=wildcard
          - VALIDATION=http
          - EMAIL=e-mail #optional
          - DHLEVEL=2048 #optional
          - ONLY_SUBDOMAINS=false #optional
          - STAGING=false #optional
        volumes:
          - /docker/nginx/config:/config
        ports:
          - 443:443
          - 80:80 #optional
        restart: unless-stopped

Here’s the log:

    [cont-init.d] 10-adduser: exited 0.
    [cont-init.d] 20-config: executing... 
    [cont-init.d] 20-config: exited 0.
    [cont-init.d] 30-keygen: executing... 
    using keys found in /config/keys
    [cont-init.d] 30-keygen: exited 0.
    [cont-init.d] 50-config: executing... 
    Variables set:
    PUID=1000
    PGID=1000
    TZ=Europe/London
    URL=XXX.com
    SUBDOMAINS=wildcard
    EXTRA_DOMAINS=
    ONLY_SUBDOMAINS=false
    DHLEVEL=2048
    VALIDATION=http
    DNSPLUGIN=
    EMAIL=e-mail
    STAGING=false

    2048 bit DH parameters present
    SUBDOMAINS entered, processing
    Wildcard cert for XXX will be requested
    No e-mail address entered or address invalid
    http validation is selected
    Generating new certificate
    Saving debug log to /var/log/letsencrypt/letsencrypt.log
    Plugins selected: Authenticator standalone, Installer None
    Obtaining a new certificate
    Performing the following challenges:
    Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA. You may need to use an authenticator plugin that can do challenges over DNS.
    Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA. You may need to use an authenticator plugin that can do challenges over DNS.
    ERROR: Cert does not exist! Please see the validation error above. The issue may be due to incorrect dns or port forwarding settings. Please fix your settings and recreate the container

Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA. You may need to use an authenticator plugin that can do challenges over DNS.

You can’t do wildcard with http validation

Crap, I knew that. …fixed that (and it got rid of that specific error), however, when I still try to get to my website, it still says unable to connect? I’d expect to have it load index.html in the www folder.

Nginx won’t come up unless you have successful cert creation

Ahh…ok. So it’s a chicken and egg problem? Trying to host a simple static website as part of this container, so I’m unable to get the certs because nginx can’t start first because no certs can be created.

…I’m trying to follow: https://blog.linuxserver.io/2019/04/25/letsencrypt-nginx-starter-guide/#webhostingexamples

Certbot uses its own webserver during validation. Nothing to do with nginx.

If all your environment variables, port forwarding and dns records are correct, certbot will generate the certs, and then nginx will start with the certs loaded.

Check the docker logs to see why validation is failing

Thanks…after clearing cache, that did the trick.
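
As an added example (not part of the thread and not the image's own scripts), here is a pre-flight check over the compose variables shown above that catches the wildcard-with-HTTP-validation combination before the container is recreated. The function name `preflight`, the e-mail pattern, the rule that `VALIDATION=dns` needs `DNSPLUGIN` set, and the sample values are assumptions.

```shell
#!/bin/sh
# Added example: sanity-check the certificate-related variables from the
# docker-compose file before starting the container.
# Usage: preflight SUBDOMAINS VALIDATION DNSPLUGIN EMAIL
# Prints one finding per line. Returns 1 if any "error:" finding was printed.
preflight() {
    subdomains=$1 validation=$2 dnsplugin=$3 email=$4
    rc=0

    # From the thread: a wildcard cert cannot be obtained with http validation.
    # SUBDOMAINS is a comma-separated list, so match "wildcard" as a whole item.
    case ",$subdomains," in
        *,wildcard,*)
            if [ "$validation" = "http" ]; then
                echo "error: SUBDOMAINS=wildcard cannot be used with VALIDATION=http"
                rc=1
            fi
            ;;
    esac

    # Assumption: dns validation needs a DNS plugin name in DNSPLUGIN
    # (the log above prints an empty DNSPLUGIN= for the failing setup).
    if [ "$validation" = "dns" ] && [ -z "$dnsplugin" ]; then
        echo "error: VALIDATION=dns is set but DNSPLUGIN is empty"
        rc=1
    fi

    # The log reports "No e-mail address entered or address invalid" for
    # EMAIL=e-mail. EMAIL is optional, so this is only a warning.
    # Assumption: a loose something@something.tld shape is good enough here.
    case "$email" in
        ?*@?*.?*) ;;
        *) echo "warn: EMAIL is empty or does not look like an address" ;;
    esac

    return $rc
}

# Constructed sample run using the values from the compose file in this thread.
preflight "wildcard" "http" "" "e-mail" || true
```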
