Tags: ssl, traefik, lets-encrypt, cookiecutter-django

Unable to obtain ACME certificate for domains "mydomain.com,www.mydomain.com"


I am starting a project with cookiecutter-django with Docker deployment; for some reason Traefik can't get a Let's Encrypt certificate. This is the error:

traefik_1       | time="2022-01-29T03:23:51Z" level=error msg="Unable to obtain ACME certificate for domains \"somedomain.com,www.somedomain.com\": unable to generate a certificate for the domains [somedomain.com www.somedomain.com]: error: one or more domains had a problem:\n[somedomain.com] acme: error: 403 :: urn:ietf:params:acme:error:unauthorized :: Invalid response from http://somedomain.com/.well-known/acme-challenge/XsBT222XeYdWT04Gdekbvla26NgRLbDh1890UQ_QHuM [2607:f1c0:100f:f000::290]: 204, url: \n[www.somedomain.com] acme: error: 403 :: urn:ietf:params:acme:error:unauthorized :: Invalid response from http://www.somedomain.com/.well-known/acme-challenge/AcnM8qIjv-RFpBKxDfkXzUfuSG2fRk-rjhrisHUlcTE [2607:f1c0:100f:f000::290]: 204, url: \n" providerName=letsencrypt.acme routerName=web-secure-router@file rule="Host(`somedomain.com`) || Host(`www.somedomain.com`)"

I also tried the Let's Encrypt staging endpoint; the error is the same: caServer: https://acme-staging-v02.api.letsencrypt.org/directory

traefik_1       | time="2022-01-29T03:51:26Z" level=info msg="Starting provider *acme.Provider {\"email\":\"[email protected]\",\"caServer\":\"https://acme-staging-v02.api.letsencrypt.org/directory\",\"storage\":\"/etc/traefik/acme/acme.json\",\"keyType\":\"RSA4096\",\"httpChallenge\":{\"entryPoint\":\"web\"},\"ResolverName\":\"letsencrypt\",\"store\":{},\"ChallengeStore\":{}}"
traefik_1       | time="2022-01-29T03:51:26Z" level=info msg="Testing certificate renew..." providerName=letsencrypt.acme
traefik_1       | time="2022-01-29T03:51:26Z" level=info msg="Starting provider *traefik.Provider {}"
traefik_1       | time="2022-01-29T03:51:47Z" level=info msg=Register... providerName=letsencrypt.acme
traefik_1       | time="2022-01-29T04:55:48Z" level=error msg="Unable to obtain ACME certificate for domains \"somedomain.com\": unable to generate a certificate for the domains [somedomain.com]: error: one or more domains had a problem:\n[somedomain.com] acme: error: 403 :: urn:ietf:params:acme:error:unauthorized :: Invalid response from http://somedomain.com/.well-known/acme-challenge/gaF6RncNKy17seTRhr944DQlFwBLUAFoL2MnNCJo1YY [2607:f1c0:100f:f000::290]: 204, url: \n" routerName=flower-router@file providerName=letsencrypt.acme rule="Host(`somedomain.com`)"
traefik_1       | time="2022-01-29T04:55:57Z" level=error msg="Unable to obtain ACME certificate for domains \"somedomain.com,www.somedomain.com\": unable to generate a certificate for the domains [www.somedomain.com]: error: one or more domains had a problem:\n[somedomain.com] acme: error: 403 :: urn:ietf:params:acme:error:unauthorized :: Invalid response from http://somedomain.com/.well-known/acme-challenge/gaF6RncNKy17seTRhr944DQlFwBLUAFoL2MnNCJo1YY [2607:f1c0:100f:f000::290]: 204, url: \n[www.somedomain.com] acme: error: 403 :: urn:ietf:params:acme:error:unauthorized :: Invalid response from http://www.somedomain.com/.well-known/acme-challenge/AsukH8wIdJthZeFMFpbulQvVKDprMrIObVmo9yRTpzo [2607:f1c0:100f:f000::290]: 204, url: \n" providerName=letsencrypt.acme routerName=web-secure-router@file rule="Host(`somedomain.com`) || Host(`www.somedomain.com`)"

I can't find any information about the error. I already tried setting the non-TLS config here, which it links here.

I can access my app using the domain name by adding an exception on the browser.


Solution

  • Are your AAAA records correct?

    It seems Let's Encrypt is getting a 204 back on the challenge files. The usual error is having AAAA records going to different servers than the A records, and Traefik only serving challenge files on the A record servers.
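As an added example (not code from the question or the answer) of the check the answer suggests: parse the address Let's Encrypt connected to and the HTTP status it got out of the Traefik error line, then compare them with the A/AAAA records you believe are published and with the addresses the Traefik container actually answers on. The log text and the IPv6 address come from the question; the DNS data, the 203.0.113.10 address and the function names are constructed assumptions.

```python
import re
from typing import Dict, List, Set

# Each per-domain failure inside Traefik's "Unable to obtain ACME certificate" message looks like:
#   [host] acme: error: 403 :: urn:... :: Invalid response from http://host/.well-known/acme-challenge/TOKEN [addr]: 204, url:
CHALLENGE_FAILURE = re.compile(
    r"\[(?P<domain>[^\]]+)\] acme: error: (?P<acme_status>\d+) :: (?P<urn>\S+) :: "
    r"Invalid response from (?P<url>\S+) \[(?P<addr>[^\]]+)\]: (?P<http_status>\d+)"
)

def parse_acme_failures(log_line: str) -> List[Dict[str, str]]:
    """Per failed domain: the address the validator connected to and the HTTP status it saw."""
    return [m.groupdict() for m in CHALLENGE_FAILURE.finditer(log_line)]

def diagnose(failures: List[Dict[str, str]], dns_records: Dict[str, Dict[str, Set[str]]],
             traefik_addrs: Set[str]) -> Dict[str, str]:
    """Explain each failure against the records the operator believes are published.

    dns_records:   {domain: {"A": {ipv4, ...}, "AAAA": {ipv6, ...}}}
    traefik_addrs: every address on which the Traefik container really answers port 80.
    """
    verdicts = {}
    for f in failures:
        domain, addr, status = f["domain"], f["addr"], f["http_status"]
        family = "AAAA" if ":" in addr else "A"  # the validator's address tells you which record it followed
        if addr not in dns_records.get(domain, {}).get(family, set()):
            verdicts[domain] = (f"validator used {family} {addr}, which is not in the {family} set you "
                                f"expect; the published zone (or a cached copy) differs from your notes")
        elif addr not in traefik_addrs:
            verdicts[domain] = (f"{family} record {addr} reaches a host that is not Traefik (it answered "
                                f"HTTP {status}); point the {family} record at Traefik or remove it")
        else:
            verdicts[domain] = (f"validator reached Traefik at {addr} but got HTTP {status}; check that "
                                f"the 'web' entrypoint is published on port 80 for this router")
    return verdicts

# Constructed sample: the first error line from the question (head abridged), plus constructed DNS data.
SAMPLE_LOG = r'time="2022-01-29T03:23:51Z" level=error msg="Unable to obtain ACME certificate for domains \"somedomain.com,www.somedomain.com\": ... \n[somedomain.com] acme: error: 403 :: urn:ietf:params:acme:error:unauthorized :: Invalid response from http://somedomain.com/.well-known/acme-challenge/XsBT222XeYdWT04Gdekbvla26NgRLbDh1890UQ_QHuM [2607:f1c0:100f:f000::290]: 204, url: \n[www.somedomain.com] acme: error: 403 :: urn:ietf:params:acme:error:unauthorized :: Invalid response from http://www.somedomain.com/.well-known/acme-challenge/AcnM8qIjv-RFpBKxDfkXzUfuSG2fRk-rjhrisHUlcTE [2607:f1c0:100f:f000::290]: 204, url: \n"'
SAMPLE_DNS = {  # constructed: A points at the Docker host, AAAA (the address in the log) at something else
    "somedomain.com": {"A": {"203.0.113.10"}, "AAAA": {"2607:f1c0:100f:f000::290"}},
    "www.somedomain.com": {"A": {"203.0.113.10"}, "AAAA": {"2607:f1c0:100f:f000::290"}},
}
TRAEFIK_ADDRS = {"203.0.113.10"}  # constructed: the container host has no IPv6 address at all

if __name__ == "__main__":
    for domain, verdict in diagnose(parse_acme_failures(SAMPLE_LOG), SAMPLE_DNS, TRAEFIK_ADDRS).items():
        print(f"{domain}: {verdict}")
```

Feed it `dig A` / `dig AAAA` output from an outside resolver rather than your own notes, since the validator sees the public zone, not what you intended to publish.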