I'm trying to run a fairly simple docker stack, but for some reason it is failing to register certificates.
My composer:
version: '2'
services:
nginx-proxy:
image: nginxproxy/nginx-proxy
container_name: nginx-proxy
ports:
- "80:80"
- "443:443"
volumes:
- conf:/etc/nginx/conf.d
- vhost:/etc/nginx/vhost.d
- html:/usr/share/nginx/html
- dhparam:/etc/nginx/dhparam
- certs:/etc/nginx/certs:ro
- /var/run/docker.sock:/tmp/docker.sock:ro
network_mode: bridge
acme-companion:
image: nginxproxy/acme-companion
container_name: nginx-proxy-acme
volumes_from:
- nginx-proxy
volumes:
- certs:/etc/nginx/certs:rw
- acme:/etc/acme.sh
- /var/run/docker.sock:/var/run/docker.sock:ro
network_mode: bridge
volumes:
conf:
vhost:
html:
dhparam:
certs:
acme:
This is my log from acme-companion
Info: running acme-companion version v2.1.0-25-g7f1b754,
Generating a RSA private key,
...................................................................++++,
...........................................................................................................................................................................................++++,
writing new private key to '/etc/nginx/certs/default.key.new',
-----,
1996071824:error:0D0D90AD:asn1 encoding routines:ASN1_TIME_adj:error getting time:crypto/asn1/a_time.c:330:,
Info: a default key and certificate have been created at /etc/nginx/certs/default.key and /etc/nginx/certs/default.crt.,
Warning: /etc/nginx/certs/default.key does not exist. Skipping ownership and permissions check.,
Warning: /etc/nginx/certs/default.crt does not exist. Skipping ownership and permissions check.,
Info: Custom Diffie-Hellman group found, generation skipped.,
Reloading nginx proxy (nginx-proxy)...,
2021/09/13 08:54:28 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification '',
2021/09/13 08:54:28 [notice] 91#91: signal process started,
2021/09/13 08:54:29 Generated '/app/letsencrypt_service_data' from 4 containers,
2021/09/13 08:54:29 Running '/app/signal_le_service',
2021/09/13 08:54:29 Watching docker events,
2021/09/13 08:54:29 Contents of /app/letsencrypt_service_data did not change. Skipping notification '/app/signal_le_service',
[Thu Jan 1 00:00:00 UTC 1970] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 6,
[Thu Jan 1 00:00:00 UTC 1970] Can not init api.,
[Thu Jan 1 00:00:00 UTC 1970] Registering account: https://acme-v02.api.letsencrypt.org/directory,
[Thu Jan 1 00:00:00 UTC 1970] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 6,
[Thu Jan 1 00:00:00 UTC 1970] Could not get nonce, let's try again.,
[Thu Jan 1 00:00:00 UTC 1970] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 6,
[Thu Jan 1 00:00:00 UTC 1970] Could not get nonce, let's try again.
So error code 6 should be CURLE_COULDNT_RESOLVE_HOST but I'm not sure exactly what it can't resolve. This server has a connection and everything else seems to work.
If anyone stumbles on to this issue then here is the fix. It seems to affect alpine version 3.13 and probably other ones.
https://github.com/alpinelinux/docker-alpine/issues/135