Hello,
Environnement
Ubuntu 18.04
Docker version 19.03.12
Docker Compose version 1.26.2
Versions
Server version: 10.3.2.11
WebMail version: 10.3.2.11.0
WebAdmin version: 10.3.2.11.0
Compose File
traefik:
image: traefik:v1.7.16
container_name: traefik
restart: unless-stopped
command: --docker --api --docker.domain=${DOMAIN}
networks:
external:
ipv4_address: xxx.xx.x.xx
ports:
- "80:80"
- "443:443"
volumes:
- /opt/containers/proxy/traefik.toml:/traefik.toml
- /opt/containers/proxy/acme/acme.json:/acme/acme.json
- /var/run/docker.sock:/var/run/docker.sock
environment:
- PUID=0
- PGID=0
- TZ=${TIMEZONE}
labels:
- traefik.enable=true
- traefik.backend=Proxy
- traefik.frontend.rule=Host:proxy.${DOMAIN},www.proxy.${DOMAIN}
- traefik.port=8080
- traefik.docker.network=external
mailserver:
image: axigen/axigen
container_name: mailserver
restart: unless-stopped
domainname: ${DOMAIN}
hostname: mail
networks:
external:
ipv4_address: xxx.xx.x.xx
ports:
- "25:25" # SMTP
- "465:465" # SMTP - TLS
- "587:587" # SMTP - STARTTLS
- "143:143" # IMAP
- "993:993" # IMAPS - TLS
- "110:100" # POP3
- "995:995" # POP3 - TLS
- "7000:7000" # CLI
environment:
- TZ=${TIMEZONE}
volumes:
- /opt/containers/mailserver:/var/opt/axigen
labels:
- traefik.enable=true
- traefik.docker.network=external
- traefik.mail.frontend.rule=Host:mail.${DOMAIN},www.mail.${DOMAIN} # This rule actually don't do anything except create an unused cert
- traefik.admin.frontend.rule=Host:admin.mail.${DOMAIN},www.admin.mail.${DOMAIN}
- traefik.admin.port=9000
- traefik.web.frontend.rule=Host:web.mail.${DOMAIN},www.web.mail.${DOMAIN}
- traefik.web.port=80
Issue
So I read the docs about the creation of a LetsEncrypt cert.
When I want to create a certificate through the admin interface I encounter the following error: “The SSL certificate could not be generated!” (Case 1).
I tried to modify my request file (attached below) to remove the https:// (which seems to create a folder creation error) but after that I encounter another error: “generate_failed” (Case 2).
I saw an answer on the forum to a similar problem which explained that the port 80 of axigen had to be accessible from the outside, in case of change of port should I do a redirect?
Another case with much the same error message as mine saw its problem corrected via v3, it is not my case.
I am attaching you the two request files as well as the corresponding logs.
Scenario
Case 1
Nothing is done.
Case 2
A folder mail.domain.tld is created with inside a account_priv.key file.
Logs
CASE 1
request file 1
{
"current": {
"accept-terms":"yes",
"commonName":"https:\/\/mail.domain.tld",
"contactMail":"",
"type":"0"
},
"state": {"id":"0"},
"requests": []
}
logs file 1
2020-08-14 18:42:51.581 +0000 08 mail JOBLOG:70000008: LetsE: Acme job executing
2020-08-14 18:42:51.581 +0000 08 mail JOBLOG:70000008: LetsE: Found current request
2020-08-14 18:42:51.581 +0000 08 mail JOBLOG:70000008: LetsE: Generating account private key...
2020-08-14 18:42:51.581 +0000 02 mail JOBLOG:70000008: LetsE: Failed to create dir /var/opt/axigen/letsencrypt/https://mail.domain.tld error 2
2020-08-14 18:42:51.581 +0000 02 mail JOBLOG:70000008: LetsE: error generating account keys
2020-08-14 18:42:51.581 +0000 02 mail JOBLOG:70000008: LetsE: Unable to access required files
CASE 2
request file 2
{
"current": {
"accept-terms":"yes",
"commonName":"mail.domain.tld",
"contactMail":"",
"type":"0"
},
"state": {"id":"0"},
"requests": []
}
logs file 2
2020-08-14 18:47:21.965 +0000 08 mail JOBLOG:70000000: LetsE: Acme job executing
2020-08-14 18:47:21.965 +0000 08 mail JOBLOG:70000000: LetsE: Found current request
2020-08-14 18:47:21.966 +0000 08 mail JOBLOG:70000000: LetsE: AcmeInitState for mail.elielaloum.com executing
2020-08-14 18:47:22.823 +0000 08 mail JOBLOG:70000000: LetsE: Response code 200
2020-08-14 18:47:22.823 +0000 08 mail JOBLOG:70000000: LetsE: Account location is https://acme-v02.api.letsencrypt.org/acme/acct/93948539, TOS URI is https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf
2020-08-14 18:47:22.823 +0000 02 mail JOBLOG:70000000: LetsE: Acme init state completed, moving to reg state
2020-08-14 18:47:22.824 +0000 08 mail JOBLOG:70000000: LetsE: Job step action => Proceeding to next state
2020-08-14 18:47:22.824 +0000 08 mail JOBLOG:70000000: LetsE: AcmeRegState for mail.elielaloum.com executing
2020-08-14 18:47:23.105 +0000 08 mail JOBLOG:70000000: LetsE: Response code 201
2020-08-14 18:47:23.282 +0000 02 mail JOBLOG:70000000: LetsE: Acme reg state completed, moving to challenge state
2020-08-14 18:47:23.283 +0000 08 mail JOBLOG:70000000: LetsE: Job step action => Proceeding to next state
2020-08-14 18:47:23.283 +0000 08 mail JOBLOG:70000000: LetsE: AcmeChallengeState for mail.elielaloum.com executing
2020-08-14 18:47:23.646 +0000 08 mail JOBLOG:70000000: LetsE: Response code 200
2020-08-14 18:47:23.646 +0000 08 mail JOBLOG:70000000: LetsE: Job step action => Waiting is needed, going to sleep
2020-08-14 18:47:38.280 +0000 08 mail JOBLOG:70000001: LetsE: Acme job executing
2020-08-14 18:47:38.280 +0000 08 mail JOBLOG:70000001: LetsE: AcmeChallengeState for mail.elielaloum.com executing
2020-08-14 18:47:38.450 +0000 08 mail JOBLOG:70000001: LetsE: Challenge status still pending, need to wait some more for mail.elielaloum.com
2020-08-14 18:47:38.454 +0000 02 mail JOBLOG:70000001: LetsE: Job step action => Connection-related error, re-attempting after 15 seconds