[DOCKER] When the certificate cannot be obtained by https-portal production (Response Code: 403)

Although staging can issue a test certificate from let's encrypt When changing to production and launching the container, the following error occurs

error contents

https-portal container log


Response Code: 403
Response: {u'status': 403, u'type': u'urn:ietf:params:acme:error:unauthorized', u'detail': u'An account with the provided public key exists but is deactivated'}
================================================================================
Failed to sign domain name
Make sure you DNS is configured correctly and is propagated to this host
machine. Sometimes that takes a while.
================================================================================
Failed to obtain certs for domain name

Maybe there is rate limiting?

https://crt.sh/ I can't find the history of issuing the certificate even if I gg in the domain, isn't it possible to issue this certificate?

Check the port DNS settings

I checked the port and DNS settings, but I could not confirm any error items such as this.

Solutions

Read the entire description of README.md in the https-portal repository

Automatic Container Discovery WARNING: WE STRONGLY RECOMMEND AGAINST USING THIS FEATURE UNLESS ABSOLUTELY NECESSARY as exposing Docker socket to a container (even with :ro) essentially gives the container root access to your host OS. If you insist, verify the source code carefully. Read more HTTPS-PORTAL is capable of discovering other Docker containers running on the same host, as long as the Docker API socket is accessible within the container.

Oh, maybe the container couldn't be detected?

Try changing the volume description as described below

services:
  https-portal:
    # ...
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro # DANGEROUS, see the warning above

Start the container again and wait a few minutes while checking the log

I got the certificate! !! !! !!

Recommended Posts

When the certificate cannot be obtained by https-portal production (Response Code: 403)
[Android] Solution when the camera cannot be started on Android 9
Provisional memo when the name of the method parameter of the Java class cannot be obtained by reflection in the Eclipse plug-in project.
When reading the source code
Numbers cannot be obtained by division in iterative processing using for
The org.junit.jupiter.api package cannot be found.
Measures when model cannot be created
A memorandum when IME cannot be turned on with VS Code (Ubuntu 20.04)
The problem that the localhost page launched by Docker cannot be confirmed in the browser when the ESET firewall is operating