I have a Docker container with Traefik, and Let's Encrypt should provide the SSL certificate. I have also allowed communication on ports 80 and 443 (and 22 for SSH, which works fine). There are no further firewalls running on my server currently.
The error I get is:
level=error msg="Unable to obtain ACME certificate for domains "....": cannot get ACME client get directory at 'https://acme-v02.api.letsencrypt.org/directory': Get "https://acme-v02.api.letsencrypt.org/directory": dial tcp: lookup acme-v02.api.letsencrypt.org on 127.0.0.11:53: read udp 127.0.0.1:49988->127.0.0.11:53: i/o timeout" ACME CA="https://acme-v02.api.letsencrypt.org/directory" routerName=nginx@docker rule="Host(Subdomain.MYDOMAIN)" providerName=myresolver.acme
This is the current docker-compose file:
version: '3'
services:
  traefik:
    image: "traefik:v2.7"
    command:
      # #- "--log.level=DEBUG"
      - "--api.insecure=true"
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--entrypoints.websecure.address=:443"
      - "--certificatesresolvers.myresolver.acme.tlschallenge=true"
      - "--certificatesresolvers.myresolver.acme.email=MYEMAIL"
      - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
    ports:
      - "80:80"
      - "443:443"
      # - "8080:8080"
    volumes:
      - "./letsencrypt:/letsencrypt"
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
  # basic nginx container
  nginx:
    image: "nginx"
    networks:
      - default
    ports:
      - 9000:9000
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.nginx.rule=Host(`MYDOMAIN`)"
      - "traefik.http.routers.nginx.service=nginx"
      - "traefik.http.services.nginx.loadbalancer.server.port=9000"
      - "traefik.http.routers.nginx.entrypoints=websecure"
      - "traefik.http.routers.nginx.tls.certresolver=myresolver"
I created the acme.json file with chmod 600 and also provide a traefik.toml, which defines the entrypoints.
My server is hosted by Strato, and the domain is also from Strato.
I already tried deactivating all firewalls, but it still cannot get through. I also tried several different setups (mainly from different YouTube tutorials). None worked for me.
My DNS resolution is correct; it points to my current IP.