Comments (4)
I suspect smth is incorrect with you LE_FQDN or other settings, or your other domains not resolved to the host running nginx-le
Can you show your compose pls?
from nginx-le.
Thanks for reply.
My compose:
version: '2'
services:nginx: build: . image: umputun/nginx-le:latest hostname: nginx restart: always container_name: nginx logging: driver: json-file options: max-size: "10m" max-file: "5" volumes: - ./etc/ssl:/etc/nginx/ssl - ./etc/service-example.conf:/etc/nginx/service.conf - ./etc/service-example-2.conf:/etc/nginx/service2.conf # more services, should be service*.conf ports: - "80:80" - "443:443" environment: - TZ=America/Chicago - LETSENCRYPT=true - [email protected] - LE_FQDN=d3.userdashboard.ru,who2.userdashboard.ru #- SSL_CERT=le-crt.pem #- SSL_KEY=le-key.pem #- SSL_CHAIN_CERT=le-chain-crt.pem
networks:
default:
external:
name: ovl
Let's Encrypt log:
trying to update letsencrypt ...
nginx | letsencrypt certificate will expire soon or missing, renewing...
nginx | Saving debug log to /var/log/letsencrypt/letsencrypt.log
nginx | Plugins selected: Authenticator webroot, Installer None
nginx | Obtaining a new certificate
nginx | Performing the following challenges:
nginx | http-01 challenge for d3.userdashboard.ru
nginx | http-01 challenge for who2.userdashboard.ru
nginx | Using the webroot path /usr/share/nginx/html for all unmatched domains.
nginx | Waiting for verification...
nginx | 3.120.130.29 - - [30/Apr/2021:11:41:02 -0500] "GET /.well-known/acme-challenge/xwwufdD3sX3s7O9WZusRXsXR5mAMCro91s0cujKX7Wo HTTP/1.1" 200 87 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)" "-"
nginx | 18.184.114.154 - - [30/Apr/2021:11:41:02 -0500] "GET /.well-known/acme-challenge/7xi0xxT57badOeHtY3g29-_dxMDGaCL6I44REzuT4aY HTTP/1.1" 200 87 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)" "-"
nginx | 34.221.255.206 - - [30/Apr/2021:11:41:03 -0500] "GET /.well-known/acme-challenge/xwwufdD3sX3s7O9WZusRXsXR5mAMCro91s0cujKX7Wo HTTP/1.1" 200 87 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)" "-"
nginx | 64.78.149.164 - - [30/Apr/2021:11:41:03 -0500] "GET /.well-known/acme-challenge/xwwufdD3sX3s7O9WZusRXsXR5mAMCro91s0cujKX7Wo HTTP/1.1" 200 87 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)" "-"
nginx | 3.19.56.43 - - [30/Apr/2021:11:41:03 -0500] "GET /.well-known/acme-challenge/xwwufdD3sX3s7O9WZusRXsXR5mAMCro91s0cujKX7Wo HTTP/1.1" 200 87 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)" "-"
nginx | 64.78.149.164 - - [30/Apr/2021:11:41:03 -0500] "GET /.well-known/acme-challenge/7xi0xxT57badOeHtY3g29-_dxMDGaCL6I44REzuT4aY HTTP/1.1" 200 87 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)" "-"
nginx | 34.221.255.206 - - [30/Apr/2021:11:41:03 -0500] "GET /.well-known/acme-challenge/7xi0xxT57badOeHtY3g29-_dxMDGaCL6I44REzuT4aY HTTP/1.1" 200 87 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)" "-"
nginx | 3.142.122.14 - - [30/Apr/2021:11:41:03 -0500] "GET /.well-known/acme-challenge/7xi0xxT57badOeHtY3g29-_dxMDGaCL6I44REzuT4aY HTTP/1.1" 200 87 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)" "-"
nginx | Cleaning up challenges
nginx | IMPORTANT NOTES:
nginx | - Congratulations! Your certificate and chain have been saved at:
nginx | /etc/letsencrypt/live/d3.userdashboard.ru/fullchain.pem
nginx | Your key file has been saved at:
nginx | /etc/letsencrypt/live/d3.userdashboard.ru/privkey.pem
nginx | Your cert will expire on 2021-07-29. To obtain a new or tweaked
nginx | version of this certificate in the future, simply run certbot
nginx | again. To non-interactively renew all of your certificates, run
nginx | "certbot renew"
nginx | - Your account credentials have been saved in your Certbot
nginx | configuration directory at /etc/letsencrypt. You should make a
nginx | secure backup of this folder now. This configuration directory will
nginx | also contain certificates and private keys obtained by Certbot so
nginx | making regular backups of this folder is ideal.
nginx | - If you like Certbot, please consider supporting our work by:
nginx |
nginx | Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
nginx | Donating to EFF: https://eff.org/donate-le
nginx |
nginx | '/etc/letsencrypt/live/d3.userdashboard.ru/privkey.pem' -> '/etc/nginx/ssl/le-key.pem'
nginx | '/etc/letsencrypt/live/d3.userdashboard.ru/fullchain.pem' -> '/etc/nginx/ssl/le-crt.pem'
nginx | '/etc/letsencrypt/live/d3.userdashboard.ru/chain.pem' -> '/etc/nginx/ssl/le-chain-crt.pem'
nginx | '/etc/nginx/conf.d.disabled' -> '/etc/nginx/conf.d'
nginx | reload nginx with ssl
nginx | 2021/04/30 11:41:07 [notice] 34#34: signal process started
from nginx-le.
ii don't see any problem with the issued certificate, it's correctly listing both subdomains
from nginx-le.
It's my mistake, i suppose. I thought, that different services can have different certs for each, and SAN only for one service in different mirror domens running. Great thanks for quick reply!
from nginx-le.
Related Issues (20)
- Support multiple domains (domain1.com, domain2.org, example.ru) HOT 6
- Possibility to add domain/change configuration without long recreation container HOT 5
- Issue with updating cert HOT 2
- requests LE certificate and will refresh every 10 days .. HOT 2
- gen a wild certificate ? (support dns challenge) HOT 4
- Please upgrade your ACME client to a version that supports ACMEv2 HOT 2
- sh: 0: unknown operand HOT 6
- SSL lab grade is B HOT 1
- Certificate is not renewed during runtime, but after restart it got renewed HOT 3
- "BEGIN TRUSTED CERTIFICATE" is expected HOT 36
- ocsp.int-x3.letsencrypt.org could not be resolved HOT 8
- postgresql secure upstream HOT 5
- image cannot be gracefully stopped HOT 2
- Challenge failed for domain HOT 4
- Update nginx image up to 1.20.1, cause: 1.19 contains security issue
- Update "LE_FQDN" without restart? HOT 1
- failed to run certbot HOT 11
- How to change conf for multiple domains? HOT 1
- Make preferred chain configurable HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from nginx-le.