~emersion/tlstunnel#27: 
failed to start listener: listen tcp :443: bind: address already in use

Seems like certmagic might be starting a TLS listener behind our backā€¦?

Mar 01 12:00:37 sheeta tlstunnel[368]: 2024/03/01 12:00:37 failed to start listener: listen tcp :443: bind: address already in use
Mar 01 12:00:37 sheeta tlstunnel[368]: 2024/03/01 12:00:37 [ERROR] TLS-ALPN challenge server: handshake: tls: client requested unsupported application protocols ([http/1.1])
Mar 01 12:00:37 sheeta tlstunnel[368]: 2024/03/01 12:00:37 [ERROR] TLS-ALPN challenge server: handshake: tls: client requested unsupported application protocols ([http/1.1])
Mar 01 12:00:37 sheeta tlstunnel[368]: 2024/03/01 12:00:37 [ERROR] TLS-ALPN challenge server: handshake: tls: client requested unsupported application protocols ([http/1.1])
Mar 01 12:00:37 sheeta tlstunnel[368]: 2024/03/01 12:00:37 [ERROR] TLS-ALPN challenge server: handshake: tls: client requested unsupported application protocols ([http/1.1])
Mar 01 12:00:36 sheeta tlstunnel[368]: 2024/03/01 12:00:36 [ERROR] TLS-ALPN challenge server: handshake: tls: client requested unsupported application protocols ([http/1.1])
Mar 01 12:00:36 sheeta tlstunnel[368]: 2024-03-01T12:00:36.781+0100        INFO        acme_client        trying to solve challenge        {"identifier": "[...]", "challenge_type": "tls-alpn-01", "ca": "https://acme>
Mar 01 12:00:36 sheeta tlstunnel[368]: 2024-03-01T12:00:36.766+0100        INFO        acme_client        trying to solve challenge        {"identifier": "[...]", "challenge_type": "tls-alpn-01", "ca": "https://acme-v02.api.letsencrypt.o>
Mar 01 12:00:35 sheeta tlstunnel[368]: 2024-03-01T12:00:35.856+0100        INFO        done waiting on internal rate limiter        {"identifiers": ["[...]"], "ca": "https://acme-v02.api.letsencrypt.org/directory", "account": ""}
Mar 01 12:00:35 sheeta tlstunnel[368]: 2024-03-01T12:00:35.856+0100        INFO        waiting on internal rate limiter        {"identifiers": ["[...]"], "ca": "https://acme-v02.api.letsencrypt.org/directory", "account": ""}
Mar 01 12:00:35 sheeta tlstunnel[368]: 2024-03-01T12:00:35.855+0100        INFO        renew        renewing certificate        {"identifier": "[...]", "remaining": "-1034h54m38.855349326s"}
Mar 01 12:00:35 sheeta tlstunnel[368]: 2024-03-01T12:00:35.854+0100        INFO        renew        lock acquired        {"identifier": "[...]"}
Mar 01 12:00:35 sheeta tlstunnel[368]: 2024/03/01 12:00:35 [INFO][FileStorage:/var/lib/tlstunnel] Lock for 'issue_cert_[...]' is stale (created: 2024-02-24 12:51:53.205836 +0100 CET, last update: 2024-03-01 12:00:19.654157444 +0100 CET);>
Mar 01 12:00:35 sheeta tlstunnel[368]: 2024-03-01T12:00:35.853+0100        INFO        renew        acquiring lock        {"identifier": "[...]"}
Mar 01 12:00:35 sheeta tlstunnel[368]: 2024-03-01T12:00:35.852+0100        WARN        stapling OCSP        {"error": "no OCSP stapling for [[...]]: parsing OCSP response: ocsp: error from server: unauthorized", "identifiers": ["[...]">
Mar 01 12:00:35 sheeta tlstunnel[368]: 2024-03-01T12:00:35.695+0100        INFO        done waiting on internal rate limiter        {"identifiers": ["[...]"], "ca": "https://acme-v02.api.letsencrypt.org/directory", >
Mar 01 12:00:35 sheeta tlstunnel[368]: 2024-03-01T12:00:35.695+0100        INFO        waiting on internal rate limiter        {"identifiers": ["[...]"], "ca": "https://acme-v02.api.letsencrypt.org/directory", "acco>
Mar 01 12:00:35 sheeta tlstunnel[368]: 2024-03-01T12:00:35.694+0100        INFO        renew        renewing certificate        {"identifier": "[...]", "remaining": "-1055h4m36.694470626s"}
Mar 01 12:00:35 sheeta tlstunnel[368]: 2024-03-01T12:00:35.694+0100        INFO        renew        lock acquired        {"identifier": "[...]"}
Mar 01 12:00:35 sheeta tlstunnel[368]: 2024/03/01 12:00:35 [INFO][FileStorage:/var/lib/tlstunnel] Lock for 'issue_cert_[...]' is stale (created: 2024-02-24 12:51:53.205849916 +0100 CET, last update: 2024-03-01 12:00>
Mar 01 12:00:35 sheeta tlstunnel[368]: 2024-03-01T12:00:35.692+0100        INFO        renew        acquiring lock        {"identifier": "[...]"}
Mar 01 12:00:35 sheeta tlstunnel[368]: 2024-03-01T12:00:35.690+0100        WARN        stapling OCSP        {"error": "no OCSP stapling for [[...]]: parsing OCSP response: ocsp: error from server: unauthorized", "id>
Mar 01 12:00:34 sheeta tlstunnel[368]: 1.7092908349255881e+09        info        maintenance        started background certificate maintenance        {"cache": "0xc00007e000"}
Mar 01 12:00:34 sheeta systemd[1]: Started tlstunnel reverse proxy.
Status
REPORTED
Submitter
~emersion
Assigned to
No-one
Submitted
10 months ago
Updated
10 months ago
Labels
bug