certificates
certificates copied to clipboard
Published
20 hours ago •
smallstep
smallstep
[Bug]: step-ca with Taefik - Wildcard endless pending
Steps to Reproduce
This docker-compose.yml work:
services:
nginx:
.......
labels:
- "traefik.enable=true"
- "traefik.http.routers.laravel.rule=Host(`site.tld`) || Host(`backend.site.tld`)"
- "traefik.http.routers.laravel.entrypoints=websecure"
- "traefik.http.routers.laravel.tls=true"
- "traefik.http.routers.laravel.tls.certResolver=defaultResolver"
- "traefik.http.routers.laravel.tls.domains[0].main=site.tld"
- "traefik.http.routers.laravel.tls.domains[0].sans=backend.site.tld"
if i change to this
- "traefik.http.routers.laravel.tls.domains[0].sans=*.site.tld"
I get an endless log in my step-ca
2023-10-17 12:45:04 time="2023-10-17T10:45:04Z" level=info duration=1.013833ms duration-ns=1013833 fields.time="2023-10-17T10:45:04Z" method=POST name=ca nonce=c1FOVTIwcE44clo4QmZCNjF3Mk5kMUxIajJ4UUpuVVU path=/acme/acme/authz/i4Lt1OFExagKbZOnA0Pk13AqIS4ZnZgZ protocol=HTTP/1.1 referer= remote-address=172.19.15.5 request-id=ckn6bc3ctfrs73e26ikg response="{\"identifier\":{\"type\":\"dns\",\"value\":\"site.tld\"},\"status\":\"pending\",\"challenges\":[{\"type\":\"dns-01\",\"status\":\"pending\",\"token\":\"O2ISElTSyE1CTQqrRwDdypjmLa2nwufM\",\"url\":\"https://step-ca:9000/acme/acme/challenge/i4Lt1OFExagKbZOnA0Pk13AqIS4ZnZgZ/9A4eCJW7ilIGKoVP5cEW7WwJQSJwuOaR\"}],\"wildcard\":true,\"expires\":\"2023-10-18T10:45:03Z\"}" size=332 status=200 user-agent="containous-traefik/3.0.0-beta4 xenolf-acme/4.14.0 (release; linux; arm64)" user-id=
2023-10-17 12:45:04 time="2023-10-17T10:45:04Z" level=warning duration="990.959µs" duration-ns=990959 error="expected POST-as-GET" fields.time="2023-10-17T10:45:04Z" method=POST name=ca nonce=bm41R2t1ZURWR2o1QmJTYnpOcG11ZmRqNmdycmdpWlI path=/acme/acme/authz/i4Lt1OFExagKbZOnA0Pk13AqIS4ZnZgZ protocol=HTTP/1.1 referer= remote-address=172.19.15.5 request-id=ckn6bc3ctfrs73e26il0 response="{\"type\":\"urn:ietf:params:acme:error:malformed\",\"detail\":\"The request message was malformed\"}" size=93 status=400 user-agent="containous-traefik/3.0.0-beta4 xenolf-acme/4.14.0 (release; linux; arm64)" user-id=
2023-10-17 12:45:04 time="2023-10-17T10:45:04Z" level=info duration=20.78425ms duration-ns=20784250 fields.time="2023-10-17T10:45:04Z" method=POST name=ca nonce=M21SdmJXTVZLMHBOSkRFR2Vjb1lKamdlbXpHODg3cDE path=/acme/acme/new-order protocol=HTTP/1.1 referer= remote-address=172.19.15.5 request-id=ckn6bc3ctfrs73e26ilg response="{\"id\":\"ZAmyJJzIqIbalrBzxQH9x67HO8UIGHiL\",\"status\":\"pending\",\"expires\":\"2023-10-18T10:45:04Z\",\"identifiers\":[{\"type\":\"dns\",\"value\":\"site.tld\"},{\"type\":\"dns\",\"value\":\"*.site.tld\"}],\"notBefore\":\"2023-10-17T10:44:04Z\",\"notAfter\":\"2023-10-18T10:45:04Z\",\"authorizations\":[\"https://step-ca:9000/acme/acme/authz/Wjku0TsQtxoBxi8KhpNYCeyROpVemW0D\",\"https://step-ca:9000/acme/acme/authz/nOGYBgZSTxrd9Sm2C6dBTOV4TVn1lInI\"],\"finalize\":\"https://step-ca:9000/acme/acme/order/ZAmyJJzIqIbalrBzxQH9x67HO8UIGHiL/finalize\"}" size=514 status=201 user-agent="containous-traefik/3.0.0-beta4 xenolf-acme/4.14.0 (release; linux; arm64)" user-id=
2023-10-17 12:45:04 time="2023-10-17T10:45:04Z" level=info duration=1.595417ms duration-ns=1595417 fields.time="2023-10-17T10:45:04Z" method=POST name=ca nonce=eDhsaVpIREVtZHNBTFZXck9MOEFnWnVneGo3UGFoRkU path=/acme/acme/authz/Wjku0TsQtxoBxi8KhpNYCeyROpVemW0D protocol=HTTP/1.1 referer= remote-address=172.19.15.5 request-id=ckn6bc3ctfrs73e26im0 response="{\"identifier\":{\"type\":\"dns\",\"value\":\"site.tld\"},\"status\":\"pending\",\"challenges\":[{\"type\":\"dns-01\",\"status\":\"pending\",\"token\":\"JNOy9KC9HFofaVDY5xRqt5vMNFrqNqDI\",\"url\":\"https://step-ca:9000/acme/acme/challenge/Wjku0TsQtxoBxi8KhpNYCeyROpVemW0D/6ZQaX3NuA42E6RnG96QDL79iEyxz1lle\"},{\"type\":\"http-01\",\"status\":\"pending\",\"token\":\"JNOy9KC9HFofaVDY5xRqt5vMNFrqNqDI\",\"url\":\"https://step-ca:9000/acme/acme/challenge/Wjku0TsQtxoBxi8KhpNYCeyROpVemW0D/y4rEvjeVOoI7nUYdziN5804rGtkjkZKf\"},{\"type\":\"tls-alpn-01\",\"status\":\"pending\",\"token\":\"JNOy9KC9HFofaVDY5xRqt5vMNFrqNqDI\",\"url\":\"https://step-ca:9000/acme/acme/challenge/Wjku0TsQtxoBxi8KhpNYCeyROpVemW0D/uNpsaXXr3iuy4IHOf7qCXIflBvxdCKdp\"}],\"wildcard\":false,\"expires\":\"2023-10-18T10:45:04Z\"}" size=729 status=200 user-agent="containous-traefik/3.0.0-beta4 xenolf-acme/4.14.0 (release; linux; arm64)" user-id=
2023-10-17 12:45:04 time="2023-10-17T10:45:04Z" level=info duration=1.548ms duration-ns=1548000 fields.time="2023-10-17T10:45:04Z" method=POST name=ca nonce=RFF2VjNXNVNVY2NDQzdRSzFLWmpiaXRCVWFNc0ZpWE8 path=/acme/acme/authz/nOGYBgZSTxrd9Sm2C6dBTOV4TVn1lInI protocol=HTTP/1.1 referer= remote-address=172.19.15.5 request-id=ckn6bc3ctfrs73e26img response="{\"identifier\":{\"type\":\"dns\",\"value\":\"site.tld\"},\"status\":\"pending\",\"challenges\":[{\"type\":\"dns-01\",\"status\":\"pending\",\"token\":\"z1Yyx9MHWN2cjN6lqt3dxAx8Aawx3j5O\",\"url\":\"https://step-ca:9000/acme/acme/challenge/nOGYBgZSTxrd9Sm2C6dBTOV4TVn1lInI/UxRgDoZoyRC4qAkAlLrSqNvVGmV7IwNy\"}],\"wildcard\":true,\"expires\":\"2023-10-18T10:45:04Z\"}" size=332 status=200 user-agent="containous-traefik/3.0.0-beta4 xenolf-acme/4.14.0 (release; linux; arm64)" user-id=
2023-10-17 12:45:04 time="2023-10-17T10:45:04Z" level=info duration=10.63375ms duration-ns=10633750 fields.time="2023-10-17T10:45:04Z" method=POST name=ca nonce=MzZmdUhVa2FRaTd4TXNSbHFGalh4dkV4dHY4Qm9kMTI path=/acme/acme/challenge/Wjku0TsQtxoBxi8KhpNYCeyROpVemW0D/uNpsaXXr3iuy4IHOf7qCXIflBvxdCKdp protocol=HTTP/1.1 referer= remote-address=172.19.15.5 request-id=ckn6bc3ctfrs73e26in0 response="{\"type\":\"tls-alpn-01\",\"status\":\"valid\",\"token\":\"JNOy9KC9HFofaVDY5xRqt5vMNFrqNqDI\",\"validated\":\"2023-10-17T10:45:04Z\",\"url\":\"https://step-ca:9000/acme/acme/challenge/Wjku0TsQtxoBxi8KhpNYCeyROpVemW0D/uNpsaXXr3iuy4IHOf7qCXIflBvxdCKdp\"}" size=233 status=200 user-agent="containous-traefik/3.0.0-beta4 xenolf-acme/4.14.0 (release; linux; arm64)" user-id=
2023-10-17 12:45:04 time="2023-10-17T10:45:04Z" level=info duration=1.19825ms duration-ns=1198250 fields.time="2023-10-17T10:45:04Z" method=POST name=ca nonce=TUt0S1NFSUg4bjE2d01SOGlYanpFMlhrSkRrZENIRXk path=/acme/acme/authz/Wjku0TsQtxoBxi8KhpNYCeyROpVemW0D protocol=HTTP/1.1 referer= remote-address=172.19.15.5 request-id=ckn6bc3ctfrs73e26ing response="{\"identifier\":{\"type\":\"dns\",\"value\":\"site.tld\"},\"status\":\"valid\",\"challenges\":[{\"type\":\"dns-01\",\"status\":\"pending\",\"token\":\"JNOy9KC9HFofaVDY5xRqt5vMNFrqNqDI\",\"url\":\"https://step-ca:9000/acme/acme/challenge/Wjku0TsQtxoBxi8KhpNYCeyROpVemW0D/6ZQaX3NuA42E6RnG96QDL79iEyxz1lle\"},{\"type\":\"http-01\",\"status\":\"pending\",\"token\":\"JNOy9KC9HFofaVDY5xRqt5vMNFrqNqDI\",\"url\":\"https://step-ca:9000/acme/acme/challenge/Wjku0TsQtxoBxi8KhpNYCeyROpVemW0D/y4rEvjeVOoI7nUYdziN5804rGtkjkZKf\"},{\"type\":\"tls-alpn-01\",\"status\":\"valid\",\"token\":\"JNOy9KC9HFofaVDY5xRqt5vMNFrqNqDI\",\"validated\":\"2023-10-17T10:45:04Z\",\"url\":\"https://step-ca:9000/acme/acme/challenge/Wjku0TsQtxoBxi8KhpNYCeyROpVemW0D/uNpsaXXr3iuy4IHOf7qCXIflBvxdCKdp\"}],\"wildcard\":false,\"expires\":\"2023-10-18T10:45:04Z\"}" size=760 status=200 user-agent="containous-traefik/3.0.0-beta4 xenolf-acme/4.14.0 (release; linux; arm64)" user-id=
2023-10-17 12:45:04 time="2023-10-17T10:45:04Z" level=info duration=1.098667ms duration-ns=1098667 fields.time="2023-10-17T10:45:04Z" method=POST name=ca nonce=akE1RmxPMkJnVnhTMUQ3NDVyWTdaUjY4dzhuOXk1Z3M path=/acme/acme/authz/nOGYBgZSTxrd9Sm2C6dBTOV4TVn1lInI protocol=HTTP/1.1 referer= remote-address=172.19.15.5 request-id=ckn6bc3ctfrs73e26io0 response="{\"identifier\":{\"type\":\"dns\",\"value\":\"site.tld\"},\"status\":\"pending\",\"challenges\":[{\"type\":\"dns-01\",\"status\":\"pending\",\"token\":\"z1Yyx9MHWN2cjN6lqt3dxAx8Aawx3j5O\",\"url\":\"https://step-ca:9000/acme/acme/challenge/nOGYBgZSTxrd9Sm2C6dBTOV4TVn1lInI/UxRgDoZoyRC4qAkAlLrSqNvVGmV7IwNy\"}],\"wildcard\":true,\"expires\":\"2023-10-18T10:45:04Z\"}" size=332 status=200 user-agent="containous-traefik/3.0.0-beta4 xenolf-acme/4.14.0 (release; linux; arm64)" user-id=
2023-10-17 12:45:04 time="2023-10-17T10:45:04Z" level=warning duration="966.583µs" duration-ns=966583 error="expected POST-as-GET" fields.time="2023-10-17T10:45:04Z" method=POST name=ca nonce=b0tRdkNOUFlFeHJrYjY5TzZBZDJnZXJrRU5jbHA4UG0 path=/acme/acme/authz/nOGYBgZSTxrd9Sm2C6dBTOV4TVn1lInI protocol=HTTP/1.1 referer= remote-address=172.19.15.5 request-id=ckn6bc3ctfrs73e26iog response="{\"type\":\"urn:ietf:params:acme:error:malformed\",\"detail\":\"The request message was malformed\"}" size=93 status=400 user-agent="containous-traefik/3.0.0-beta4 xenolf-acme/4.14.0 (release; linux; arm64)" user-id=
2023-10-17 12:45:04 time="2023-10-17T10:45:04Z" level=info duration=20.068959ms duration-ns=20068959 fields.time="2023-10-17T10:45:04Z" method=POST name=ca nonce=VXdnQVdJMmZQZzFGRks3eW13c2tSaE05M2pDdUtUUlc path=/acme/acme/new-order protocol=HTTP/1.1 referer= remote-address=172.19.15.5 request-id=ckn6bc3ctfrs73e26ip0 response="{\"id\":\"fqLid3Ld1xzs1agmB3RUe86aTaGzbBPb\",\"status\":\"pending\",\"expires\":\"2023-10-18T10:45:04Z\",\"identifiers\":[{\"type\":\"dns\",\"value\":\"site.tld\"},{\"type\":\"dns\",\"value\":\"*.site.tld\"}],\"notBefore\":\"2023-10-17T10:44:04Z\",\"notAfter\":\"2023-10-18T10:45:04Z\",\"authorizations\":[\"https://step-ca:9000/acme/acme/authz/vil08FUmdccpUuFIxRvkMVFshBQ3kPyj\",\"https://step-ca:9000/acme/acme/authz/If5544FHbc8FBjWX2qKcneNFwjAaihJu\"],\"finalize\":\"https://step-ca:9000/acme/acme/order/fqLid3Ld1xzs1agmB3RUe86aTaGzbBPb/finalize\"}" size=514 status=201 user-agent="containous-traefik/3.0.0-beta4 xenolf-acme/4.14.0 (release; linux; arm64)" user-id=
2023-10-17 12:45:04 time="2023-10-17T10:45:04Z" level=info duration=1.475542ms duration-ns=1475542 fields.time="2023-10-17T10:45:04Z" method=POST name=ca nonce=QUdCcXkwTE94Njd1bDFGWVM3VHk3UzlqMTBYR0VPdTA path=/acme/acme/authz/vil08FUmdccpUuFIxRvkMVFshBQ3kPyj protocol=HTTP/1.1 referer= remote-address=172.19.15.5 request-id=ckn6bc3ctfrs73e26ipg response="{\"identifier\":{\"type\":\"dns\",\"value\":\"site.tld\"},\"status\":\"pending\",\"challenges\":[{\"type\":\"dns-01\",\"status\":\"pending\",\"token\":\"Okl1Emj1kZXhzN2I6uWkwPCC5xKQH9t8\",\"url\":\"https://step-ca:9000/acme/acme/challenge/vil08FUmdccpUuFIxRvkMVFshBQ3kPyj/43TgF70M0g8XVLV4QCzlPWufTKBdYRln\"},{\"type\":\"http-01\",\"status\":\"pending\",\"token\":\"Okl1Emj1kZXhzN2I6uWkwPCC5xKQH9t8\",\"url\":\"https://step-ca:9000/acme/acme/challenge/vil08FUmdccpUuFIxRvkMVFshBQ3kPyj/uw9JCiufbC7ND5UfZeycN00BESHMvuRC\"},{\"type\":\"tls-alpn-01\",\"status\":\"pending\",\"token\":\"Okl1Emj1kZXhzN2I6uWkwPCC5xKQH9t8\",\"url\":\"https://step-ca:9000/acme/acme/challenge/vil08FUmdccpUuFIxRvkMVFshBQ3kPyj/OKga8ZQcPL3yi9abqOa6jLDmEEVBnuP0\"}],\"wildcard\":false,\"expires\":\"2023-10-18T10:45:04Z\"}" size=729 status=200 user-agent="containous-traefik/3.0.0-beta4 xenolf-acme/4.14.0 (release; linux; arm64)" user-id=
2023-10-17 12:45:04 time="2023-10-17T10:45:04Z" level=info duration=1.588542ms duration-ns=1588542 fields.time="2023-10-17T10:45:04Z" method=POST name=ca nonce=Wmw0eVZlMmVWZDhoU0Vlb1lSWmhGS3Z1S2luUlVySWw path=/acme/acme/authz/If5544FHbc8FBjWX2qKcneNFwjAaihJu protocol=HTTP/1.1 referer= remote-address=172.19.15.5 request-id=ckn6bc3ctfrs73e26iq0 response="{\"identifier\":{\"type\":\"dns\",\"value\":\"site.tld\"},\"status\":\"pending\",\"challenges\":[{\"type\":\"dns-01\",\"status\":\"pending\",\"token\":\"gTUZLEORISJcSSEZAU47XMq4TKQyhHVC\",\"url\":\"https://step-ca:9000/acme/acme/challenge/If5544FHbc8FBjWX2qKcneNFwjAaihJu/2vQEGuXfu6zRmTUcWS41b5Vhl9THreim\"}],\"wildcard\":true,\"expires\":\"2023-10-18T10:45:04Z\"}" size=332 status=200 user-agent="containous-traefik/3.0.0-beta4 xenolf-acme/4.14.0 (release; linux; arm64)" user-id=
2023-10-17 12:45:05 time="2023-10-17T10:45:05Z" level=info duration=10.622042ms duration-ns=10622042 fields.time="2023-10-17T10:45:05Z" method=POST name=ca nonce=QUpOeWVYTWEyN2txNUVhcVJabXNyZjNyc1FjdHYzTUQ path=/acme/acme/challenge/vil08FUmdccpUuFIxRvkMVFshBQ3kPyj/OKga8ZQcPL3yi9abqOa6jLDmEEVBnuP0 protocol=HTTP/1.1 referer= remote-address=172.19.15.5 request-id=ckn6bcbctfrs73e26iqg response="{\"type\":\"tls-alpn-01\",\"status\":\"valid\",\"token\":\"Okl1Emj1kZXhzN2I6uWkwPCC5xKQH9t8\",\"validated\":\"2023-10-17T10:45:05Z\",\"url\":\"https://step-ca:9000/acme/acme/challenge/vil08FUmdccpUuFIxRvkMVFshBQ3kPyj/OKga8ZQcPL3yi9abqOa6jLDmEEVBnuP0\"}" size=233 status=200 user-agent="containous-traefik/3.0.0-beta4 xenolf-acme/4.14.0 (release; linux; arm64)" user-id=
2023-10-17 12:45:05 time="2023-10-17T10:45:05Z" level=info duration=1.146ms duration-ns=1146000 fields.time="2023-10-17T10:45:05Z" method=POST name=ca nonce=TVFPOEFlUFdFM1RPbFRMTFhUZUluU1BaWjVmNGhaTjg path=/acme/acme/authz/vil08FUmdccpUuFIxRvkMVFshBQ3kPyj protocol=HTTP/1.1 referer= remote-address=172.19.15.5 request-id=ckn6bcbctfrs73e26ir0 response="{\"identifier\":{\"type\":\"dns\",\"value\":\"site.tld\"},\"status\":\"valid\",\"challenges\":[{\"type\":\"dns-01\",\"status\":\"pending\",\"token\":\"Okl1Emj1kZXhzN2I6uWkwPCC5xKQH9t8\",\"url\":\"https://step-ca:9000/acme/acme/challenge/vil08FUmdccpUuFIxRvkMVFshBQ3kPyj/43TgF70M0g8XVLV4QCzlPWufTKBdYRln\"},{\"type\":\"http-01\",\"status\":\"pending\",\"token\":\"Okl1Emj1kZXhzN2I6uWkwPCC5xKQH9t8\",\"url\":\"https://step-ca:9000/acme/acme/challenge/vil08FUmdccpUuFIxRvkMVFshBQ3kPyj/uw9JCiufbC7ND5UfZeycN00BESHMvuRC\"},{\"type\":\"tls-alpn-01\",\"status\":\"valid\",\"token\":\"Okl1Emj1kZXhzN2I6uWkwPCC5xKQH9t8\",\"validated\":\"2023-10-17T10:45:05Z\",\"url\":\"https://step-ca:9000/acme/acme/challenge/vil08FUmdccpUuFIxRvkMVFshBQ3kPyj/OKga8ZQcPL3yi9abqOa6jLDmEEVBnuP0\"}],\"wildcard\":false,\"expires\":\"2023-10-18T10:45:04Z\"}" size=760 status=200 user-agent="containous-traefik/3.0.0-beta4 xenolf-acme/4.14.0 (release; linux; arm64)" user-id=
2023-10-17 12:45:05 time="2023-10-17T10:45:05Z" level=info duration="944.833µs" duration-ns=944833 fields.time="2023-10-17T10:45:05Z" method=POST name=ca nonce=VjNIcXJxYmZLQmh5S0NNMGhSckFDU1dHOGNVVm1BUm0 path=/acme/acme/authz/If5544FHbc8FBjWX2qKcneNFwjAaihJu protocol=HTTP/1.1 referer= remote-address=172.19.15.5 request-id=ckn6bcbctfrs73e26irg response="{\"identifier\":{\"type\":\"dns\",\"value\":\"site.tld\"},\"status\":\"pending\",\"challenges\":[{\"type\":\"dns-01\",\"status\":\"pending\",\"token\":\"gTUZLEORISJcSSEZAU47XMq4TKQyhHVC\",\"url\":\"https://step-ca:9000/acme/acme/challenge/If5544FHbc8FBjWX2qKcneNFwjAaihJu/2vQEGuXfu6zRmTUcWS41b5Vhl9THreim\"}],\"wildcard\":true,\"expires\":\"2023-10-18T10:45:04Z\"}" size=332 status=200 user-agent="containous-traefik/3.0.0-beta4 xenolf-acme/4.14.0 (release; linux; arm64)" user-id=
2023-10-17 12:45:05 time="2023-10-17T10:45:05Z" level=warning duration="977.5µs" duration-ns=977500 error="expected POST-as-GET" fields.time="2023-10-17T10:45:05Z" method=POST name=ca nonce=N3dnMVlmOWZ3TWk2RjVsNjVYdmYzWWFXVlFrVkh1MEo path=/acme/acme/authz/If5544FHbc8FBjWX2qKcneNFwjAaihJu protocol=HTTP/1.1 referer= remote-address=172.19.15.5 request-id=ckn6bcbctfrs73e26is0 response="{\"type\":\"urn:ietf:params:acme:error:malformed\",\"detail\":\"The request message was malformed\"}" size=93 status=400 user-agent="containous-traefik/3.0.0-beta4 xenolf-acme/4.14.0 (release; linux; arm64)" user-id=
2023-10-17 12:45:05 time="2023-10-17T10:45:05Z" level=info duration=20.001125ms duration-ns=20001125 fields.time="2023-10-17T10:45:05Z" method=POST name=ca nonce=MmFhRjExZGRVZnl5U1oyYUtvYjV3WGhyZlROOWtTMGE path=/acme/acme/new-order protocol=HTTP/1.1 referer= remote-address=172.19.15.5 request-id=ckn6bcbctfrs73e26isg response="{\"id\":\"ea5bQXFBsxH0zJYiZmuvKNTyaeOqYwsv\",\"status\":\"pending\",\"expires\":\"2023-10-18T10:45:05Z\",\"identifiers\":[{\"type\":\"dns\",\"value\":\"site.tld\"},{\"type\":\"dns\",\"value\":\"*.site.tld\"}],\"notBefore\":\"2023-10-17T10:44:05Z\",\"notAfter\":\"2023-10-18T10:45:05Z\",\"authorizations\":[\"https://step-ca:9000/acme/acme/authz/czaGeQivHkTwQZSJ68sUUGjUo0B2mKc5\",\"https://step-ca:9000/acme/acme/authz/N9nPcdcdHQXv4UrCvR2VrCavNUNGClZ4\"],\"finalize\":\"https://step-ca:9000/acme/acme/order/ea5bQXFBsxH0zJYiZmuvKNTyaeOqYwsv/finalize\"}" size=514 status=201 user-agent="containous-traefik/3.0.0-beta4 xenolf-acme/4.14.0 (release; linux; arm64)" user-id=
2023-10-17 12:45:05 time="2023-10-17T10:45:05Z" level=info duration=1.667583ms duration-ns=1667583 fields.time="2023-10-17T10:45:05Z" method=POST name=ca nonce=bFh1VGdobTN2dTJESTRNNlNkdndvVWJhMjVhOHpWS3k path=/acme/acme/authz/czaGeQivHkTwQZSJ68sUUGjUo0B2mKc5 protocol=HTTP/1.1 referer= remote-address=172.19.15.5 request-id=ckn6bcbctfrs73e26it0 response="{\"identifier\":{\"type\":\"dns\",\"value\":\"site.tld\"},\"status\":\"pending\",\"challenges\":[{\"type\":\"dns-01\",\"status\":\"pending\",\"token\":\"DTSBt69ewhLAUc6oTiNQ8ZdXvmj0XDcV\",\"url\":\"https://step-ca:9000/acme/acme/challenge/czaGeQivHkTwQZSJ68sUUGjUo0B2mKc5/ZQNrzwLBJSvTECNAi7PcwfVrh3UkGpmU\"},{\"type\":\"http-01\",\"status\":\"pending\",\"token\":\"DTSBt69ewhLAUc6oTiNQ8ZdXvmj0XDcV\",\"url\":\"https://step-ca:9000/acme/acme/challenge/czaGeQivHkTwQZSJ68sUUGjUo0B2mKc5/I2tmmpZfzRbTTnAfOPOz3vRBoFWHDtKu\"},{\"type\":\"tls-alpn-01\",\"status\":\"pending\",\"token\":\"DTSBt69ewhLAUc6oTiNQ8ZdXvmj0XDcV\",\"url\":\"https://step-ca:9000/acme/acme/challenge/czaGeQivHkTwQZSJ68sUUGjUo0B2mKc5/gnIHBv6mHfAuGtDdsXlNIhhbon7lRgSa\"}],\"wildcard\":false,\"expires\":\"2023-10-18T10:45:05Z\"}" size=729 status=200 user-agent="containous-traefik/3.0.0-beta4 xenolf-acme/4.14.0 (release; linux; arm64)" user-id=
2023-10-17 12:45:05 time="2023-10-17T10:45:05Z" level=info duration=1.805ms duration-ns=1805000 fields.time="2023-10-17T10:45:05Z" method=POST name=ca nonce=anJhSmN3cmFUbnlxbVRBWkpSQ1NpMEg3bWhueGNPMEE path=/acme/acme/authz/N9nPcdcdHQXv4UrCvR2VrCavNUNGClZ4 protocol=HTTP/1.1 referer= remote-address=172.19.15.5 request-id=ckn6bcbctfrs73e26itg response="{\"identifier\":{\"type\":\"dns\",\"value\":\"site.tld\"},\"status\":\"pending\",\"challenges\":[{\"type\":\"dns-01\",\"status\":\"pending\",\"token\":\"vYbM7Wm96as1I9Ndkm7y3ZJ2RXszlSCo\",\"url\":\"https://step-ca:9000/acme/acme/challenge/N9nPcdcdHQXv4UrCvR2VrCavNUNGClZ4/N2NWBmTCk50rJzxDul5oBWkuRFcD39Xg\"}],\"wildcard\":true,\"expires\":\"2023-10-18T10:45:05Z\"}" size=332 status=200 user-agent="containous-traefik/3.0.0-beta4 xenolf-acme/4.14.0 (release; linux; arm64)" user-id=
2023-10-17 12:45:05 time="2023-10-17T10:45:05Z" level=info duration=10.185583ms duration-ns=10185583 fields.time="2023-10-17T10:45:05Z" method=POST name=ca nonce=OHZEVmlIaGQwTkNmcFBzY0FlU1NHSFp0R002R2Fjejg path=/acme/acme/challenge/czaGeQivHkTwQZSJ68sUUGjUo0B2mKc5/gnIHBv6mHfAuGtDdsXlNIhhbon7lRgSa protocol=HTTP/1.1 referer= remote-address=172.19.15.5 request-id=ckn6bcbctfrs73e26iu0 response="{\"type\":\"tls-alpn-01\",\"status\":\"valid\",\"token\":\"DTSBt69ewhLAUc6oTiNQ8ZdXvmj0XDcV\",\"validated\":\"2023-10-17T10:45:05Z\",\"url\":\"https://step-ca:9000/acme/acme/challenge/czaGeQivHkTwQZSJ68sUUGjUo0B2mKc5/gnIHBv6mHfAuGtDdsXlNIhhbon7lRgSa\"}" size=233 status=200 user-agent="containous-traefik/3.0.0-beta4 xenolf-acme/4.14.0 (release; linux; arm64)" user-id=
2023-10-17 12:45:05 time="2023-10-17T10:45:05Z" level=info duration=1.208333ms duration-ns=1208333 fields.time="2023-10-17T10:45:05Z" method=POST name=ca nonce=a2lZUGhjOWdSRTAzVVZ3SDB3WVcybVJrdHZ3a1A3V0g path=/acme/acme/authz/czaGeQivHkTwQZSJ68sUUGjUo0B2mKc5 protocol=HTTP/1.1 referer= remote-address=172.19.15.5 request-id=ckn6bcbctfrs73e26iug response="{\"identifier\":{\"type\":\"dns\",\"value\":\"site.tld\"},\"status\":\"valid\",\"challenges\":[{\"type\":\"dns-01\",\"status\":\"pending\",\"token\":\"DTSBt69ewhLAUc6oTiNQ8ZdXvmj0XDcV\",\"url\":\"https://step-ca:9000/acme/acme/challenge/czaGeQivHkTwQZSJ68sUUGjUo0B2mKc5/ZQNrzwLBJSvTECNAi7PcwfVrh3UkGpmU\"},{\"type\":\"http-01\",\"status\":\"pending\",\"token\":\"DTSBt69ewhLAUc6oTiNQ8ZdXvmj0XDcV\",\"url\":\"https://step-ca:9000/acme/acme/challenge/czaGeQivHkTwQZSJ68sUUGjUo0B2mKc5/I2tmmpZfzRbTTnAfOPOz3vRBoFWHDtKu\"},{\"type\":\"tls-alpn-01\",\"status\":\"valid\",\"token\":\"DTSBt69ewhLAUc6oTiNQ8ZdXvmj0XDcV\",\"validated\":\"2023-10-17T10:45:05Z\",\"url\":\"https://step-ca:9000/acme/acme/challenge/czaGeQivHkTwQZSJ68sUUGjUo0B2mKc5/gnIHBv6mHfAuGtDdsXlNIhhbon7lRgSa\"}],\"wildcard\":false,\"expires\":\"2023-10-18T10:45:05Z\"}" size=760 status=200 user-agent="containous-traefik/3.0.0-beta4 xenolf-acme/4.14.0 (release; linux; arm64)" user-id=
2023-10-17 12:45:05 time="2023-10-17T10:45:05Z" level=info duration="943.833µs" duration-ns=943833 fields.time="2023-10-17T10:45:05Z" method=POST name=ca nonce=RDNxek5DMkpzOVpwTHdSZUxveDJUbVo1eEZjN1VxUXE path=/acme/acme/authz/N9nPcdcdHQXv4UrCvR2VrCavNUNGClZ4 protocol=HTTP/1.1 referer= remote-address=172.19.15.5 request-id=ckn6bcbctfrs73e26iv0 response="{\"identifier\":{\"type\":\"dns\",\"value\":\"site.tld\"},\"status\":\"pending\",\"challenges\":[{\"type\":\"dns-01\",\"status\":\"pending\",\"token\":\"vYbM7Wm96as1I9Ndkm7y3ZJ2RXszlSCo\",\"url\":\"https://step-ca:9000/acme/acme/challenge/N9nPcdcdHQXv4UrCvR2VrCavNUNGClZ4/N2NWBmTCk50rJzxDul5oBWkuRFcD39Xg\"}],\"wildcard\":true,\"expires\":\"2023-10-18T10:45:05Z\"}" size=332 status=200 user-agent="containous-traefik/3.0.0-beta4 xenolf-acme/4.14.0 (release; linux; arm64)" user-id=
2023-10-17 12:45:05 time="2023-10-17T10:45:05Z" level=warning duration=1.057ms duration-ns=1057000 error="expected POST-as-GET" fields.time="2023-10-17T10:45:05Z" method=POST name=ca nonce=eHE0dUNrQVdjalBPcVR0aWRXM1Z5YlZVMUFwUVllczM path=/acme/acme/authz/N9nPcdcdHQXv4UrCvR2VrCavNUNGClZ4 protocol=HTTP/1.1 referer= remote-address=172.19.15.5 request-id=ckn6bcbctfrs73e26ivg response="{\"type\":\"urn:ietf:params:acme:error:malformed\",\"detail\":\"The request message was malformed\"}" size=93 status=400 user-agent="containous-traefik/3.0.0-beta4 xenolf-acme/4.14.0 (release; linux; arm64)" user-id=
2023-10-17 12:45:05 time="2023-10-17T10:45:05Z" level=info duration=23.275333ms duration-ns=23275333 fields.time="2023-10-17T10:45:05Z" method=POST name=ca nonce=WGY3MFNKTUJ5aGF3UG50OGNxUXJvYVNhcHJCSnNGVDM path=/acme/acme/new-order protocol=HTTP/1.1 referer= remote-address=172.19.15.5 request-id=ckn6bcbctfrs73e26j00 response="{\"id\":\"AlABQ0t8VZKDDeutMLbbM97mtDxKIsT5\",\"status\":\"pending\",\"expires\":\"2023-10-18T10:45:05Z\",\"identifiers\":[{\"type\":\"dns\",\"value\":\"site.tld\"},{\"type\":\"dns\",\"value\":\"*.site.tld\"}],\"notBefore\":\"2023-10-17T10:44:05Z\",\"notAfter\":\"2023-10-18T10:45:05Z\",\"authorizations\":[\"https://step-ca:9000/acme/acme/authz/tltkqHvHkwZkWZZzf1qcjSIoSp4HK4DF\",\"https://step-ca:9000/acme/acme/authz/zpqEGaudb9y7YRJfawiYcqSPR3XuG17E\"],\"finalize\":\"https://step-ca:9000/acme/acme/order/AlABQ0t8VZKDDeutMLbbM97mtDxKIsT5/finalize\"}" size=514 status=201 user-agent="containous-traefik/3.0.0-beta4 xenolf-acme/4.14.0 (release; linux; arm64)" user-id=
2023-10-17 12:45:05 time="2023-10-17T10:45:05Z" level=info duration=1.740125ms duration-ns=1740125 fields.time="2023-10-17T10:45:05Z" method=POST name=ca nonce=aDlsWFY1N3QyWDhNQzFqWnRTRzcwREtmRDFYYVo5MTc path=/acme/acme/authz/tltkqHvHkwZkWZZzf1qcjSIoSp4HK4DF protocol=HTTP/1.1 referer= remote-address=172.19.15.5 request-id=ckn6bcbctfrs73e26j0g response="{\"identifier\":{\"type\":\"dns\",\"value\":\"site.tld\"},\"status\":\"pending\",\"challenges\":[{\"type\":\"dns-01\",\"status\":\"pending\",\"token\":\"DnaUBlJzLX9CJRiJygQk0wJsV2JmTWRJ\",\"url\":\"https://step-ca:9000/acme/acme/challenge/tltkqHvHkwZkWZZzf1qcjSIoSp4HK4DF/eKXZpUWmGxUrcsGYXFRLuklBPQFhVgmu\"},{\"type\":\"http-01\",\"status\":\"pending\",\"token\":\"DnaUBlJzLX9CJRiJygQk0wJsV2JmTWRJ\",\"url\":\"https://step-ca:9000/acme/acme/challenge/tltkqHvHkwZkWZZzf1qcjSIoSp4HK4DF/YA7vafpGs15g6bhtlfKI5bUPfgEG2Fr2\"},{\"type\":\"tls-alpn-01\",\"status\":\"pending\",\"token\":\"DnaUBlJzLX9CJRiJygQk0wJsV2JmTWRJ\",\"url\":\"https://step-ca:9000/acme/acme/challenge/tltkqHvHkwZkWZZzf1qcjSIoSp4HK4DF/LTthV0JtSkqHgEViUBGLCHX5m2Zelepj\"}],\"wildcard\":false,\"expires\":\"2023-10-18T10:45:05Z\"}" size=729 status=200 user-agent="containous-traefik/3.0.0-beta4 xenolf-acme/4.14.0 (release; linux; arm64)" user-id=
2023-10-17 12:45:05 time="2023-10-17T10:45:05Z" level=info duration=1.837291ms duration-ns=1837291 fields.time="2023-10-17T10:45:05Z" method=POST name=ca nonce=Z1dEZVJWY2hGYU4xOXV5MlR5UGtwejM4ZmFxQ3pVZ1Q path=/acme/acme/authz/zpqEGaudb9y7YRJfawiYcqSPR3XuG17E protocol=HTTP/1.1 referer= remote-address=172.19.15.5 request-id=ckn6bcbctfrs73e26j10 response="{\"identifier\":{\"type\":\"dns\",\"value\":\"site.tld\"},\"status\":\"pending\",\"challenges\":[{\"type\":\"dns-01\",\"status\":\"pending\",\"token\":\"x1APcyqxauM7DVadi5hqCy0oeQQzvFaX\",\"url\":\"https://step-ca:9000/acme/acme/challenge/zpqEGaudb9y7YRJfawiYcqSPR3XuG17E/7TA4LilGCwhUH2n0PriIi6RzTynpldhH\"}],\"wildcard\":true,\"expires\":\"2023-10-18T10:45:05Z\"}" size=332 status=200 user-agent="containous-traefik/3.0.0-beta4 xenolf-acme/4.14.0 (release; linux; arm64)" user-id=
2023-10-17 12:45:06 time="2023-10-17T10:45:06Z" level=info duration=9.493ms duration-ns=9493000 fields.time="2023-10-17T10:45:06Z" method=POST name=ca nonce=ZjVibmNNOHRnSVRJM1VXdnRiNWlLdllNZWM5SzVFYVc path=/acme/acme/challenge/tltkqHvHkwZkWZZzf1qcjSIoSp4HK4DF/LTthV0JtSkqHgEViUBGLCHX5m2Zelepj protocol=HTTP/1.1 referer= remote-address=172.19.15.5 request-id=ckn6bcjctfrs73e26j1g response="{\"type\":\"tls-alpn-01\",\"status\":\"valid\",\"token\":\"DnaUBlJzLX9CJRiJygQk0wJsV2JmTWRJ\",\"validated\":\"2023-10-17T10:45:06Z\",\"url\":\"https://step-ca:9000/acme/acme/challenge/tltkqHvHkwZkWZZzf1qcjSIoSp4HK4DF/LTthV0JtSkqHgEViUBGLCHX5m2Zelepj\"}" size=233 status=200 user-agent="containous-traefik/3.0.0-beta4 xenolf-acme/4.14.0 (release; linux; arm64)" user-id=
2023-10-17 12:45:06 time="2023-10-17T10:45:06Z" level=info duration=1.325917ms duration-ns=1325917 fields.time="2023-10-17T10:45:06Z" method=POST name=ca nonce=Mlp0UGVCa0JRQ3RITllycUlUbDM5SE8yQW5mNmwzMzM path=/acme/acme/authz/tltkqHvHkwZkWZZzf1qcjSIoSp4HK4DF protocol=HTTP/1.1 referer= remote-address=172.19.15.5 request-id=ckn6bcjctfrs73e26j20 response="{\"identifier\":{\"type\":\"dns\",\"value\":\"site.tld\"},\"status\":\"valid\",\"challenges\":[{\"type\":\"dns-01\",\"status\":\"pending\",\"token\":\"DnaUBlJzLX9CJRiJygQk0wJsV2JmTWRJ\",\"url\":\"https://step-ca:9000/acme/acme/challenge/tltkqHvHkwZkWZZzf1qcjSIoSp4HK4DF/eKXZpUWmGxUrcsGYXFRLuklBPQFhVgmu\"},{\"type\":\"http-01\",\"status\":\"pending\",\"token\":\"DnaUBlJzLX9CJRiJygQk0wJsV2JmTWRJ\",\"url\":\"https://step-ca:9000/acme/acme/challenge/tltkqHvHkwZkWZZzf1qcjSIoSp4HK4DF/YA7vafpGs15g6bhtlfKI5bUPfgEG2Fr2\"},{\"type\":\"tls-alpn-01\",\"status\":\"valid\",\"token\":\"DnaUBlJzLX9CJRiJygQk0wJsV2JmTWRJ\",\"validated\":\"2023-10-17T10:45:06Z\",\"url\":\"https://step-ca:9000/acme/acme/challenge/tltkqHvHkwZkWZZzf1qcjSIoSp4HK4DF/LTthV0JtSkqHgEViUBGLCHX5m2Zelepj\"}],\"wildcard\":false,\"expires\":\"2023-10-18T10:45:05Z\"}" size=760 status=200 user-agent="containous-traefik/3.0.0-beta4 xenolf-acme/4.14.0 (release; linux; arm64)" user-id=
2023-10-17 12:45:06 time="2023-10-17T10:45:06Z" level=info duration=1.163125ms duration-ns=1163125 fields.time="2023-10-17T10:45:06Z" method=POST name=ca nonce=UUZFY2RWV2k3blRQUk5rMFA1c2xhdURKNWFmY3Y4VHo path=/acme/acme/authz/zpqEGaudb9y7YRJfawiYcqSPR3XuG17E protocol=HTTP/1.1 referer= remote-address=172.19.15.5 request-id=ckn6bcjctfrs73e26j2g response="{\"identifier\":{\"type\":\"dns\",\"value\":\"site.tld\"},\"status\":\"pending\",\"challenges\":[{\"type\":\"dns-01\",\"status\":\"pending\",\"token\":\"x1APcyqxauM7DVadi5hqCy0oeQQzvFaX\",\"url\":\"https://step-ca:9000/acme/acme/challenge/zpqEGaudb9y7YRJfawiYcqSPR3XuG17E/7TA4LilGCwhUH2n0PriIi6RzTynpldhH\"}],\"wildcard\":true,\"expires\":\"2023-10-18T10:45:05Z\"}" size=332 status=200 user-agent="containous-traefik/3.0.0-beta4 xenolf-acme/4.14.0 (release; linux; arm64)" user-id=
2023-10-17 12:45:06 time="2023-10-17T10:45:06Z" level=warning duration="942.125µs" duration-ns=942125 error="expected POST-as-GET" fields.time="2023-10-17T10:45:06Z" method=POST name=ca nonce=NW8xajRqZGdTR1NXNVZTTzVDTFpWNVowQ2N0YXZUbE0 path=/acme/acme/authz/zpqEGaudb9y7YRJfawiYcqSPR3XuG17E protocol=HTTP/1.1 referer= remote-address=172.19.15.5 request-id=ckn6bcjctfrs73e26j30 response="{\"type\":\"urn:ietf:params:acme:error:malformed\",\"detail\":\"The request message was malformed\"}" size=93 status=400 user-agent="containous-traefik/3.0.0-beta4 xenolf-acme/4.14.0 (release; linux; arm64)" user-id=
2023-10-17 12:45:06 time="2023-10-17T10:45:06Z" level=info duration=23.225084ms duration-ns=23225084 fields.time="2023-10-17T10:45:06Z" method=POST name=ca nonce=UmhtcEh4eDRRaWxVMGdXWnlMSVJqU0p5WmpJZUlnU0s path=/acme/acme/new-order protocol=HTTP/1.1 referer= remote-address=172.19.15.5 request-id=ckn6bcjctfrs73e26j3g response="{\"id\":\"23TEO4TQpFuqBhZGW2uGABhRo9SZwhOu\",\"status\":\"pending\",\"expires\":\"2023-10-18T10:45:06Z\",\"identifiers\":[{\"type\":\"dns\",\"value\":\"site.tld\"},{\"type\":\"dns\",\"value\":\"*.site.tld\"}],\"notBefore\":\"2023-10-17T10:44:06Z\",\"notAfter\":\"2023-10-18T10:45:06Z\",\"authorizations\":[\"https://step-ca:9000/acme/acme/authz/jAoY0g5pAhS59ElHCvjpHBT3jrdAA9LX\",\"https://step-ca:9000/acme/acme/authz/U5mq6BrDCwZjLFyihI2QEw6dACIZh7Dk\"],\"finalize\":\"https://step-ca:9000/acme/acme/order/23TEO4TQpFuqBhZGW2uGABhRo9SZwhOu/finalize\"}" size=514 status=201 user-agent="containous-traefik/3.0.0-beta4 xenolf-acme/4.14.0 (release; linux; arm64)" user-id=
...............
Your Environment
- OS: Docker Compose with Alpine
step-caVersion - Smallstep CLI/0.25.0 (linux/arm64)
Expected Behavior
An SSL certificate with site.tld and *.site.tld
Actual Behavior
As soon as I want to create a wildcard certificate the system tries to create the certificate endlessly
Additional Context
No response
Contributing
Vote on this issue by adding a 👍 reaction. To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).
