What would you like to have changed?
I have seen the message below in my logs:
    [WARNING] OS reports a contradiction: listen tcp :443: bind: address already in use - but we cannot connect to it, with this error: dial tcp :443: connect: connection refused; continuing anyway 🤞 (I don't know what causes this... if you do, please help?)

certmagic/solvers.go, lines 385 to 389 in 03d0645:

    if strings.Contains(listenErr.Error(), "address already in use") ||
    	strings.Contains(listenErr.Error(), "one usage of each socket address") {
    	log.Printf("[WARNING] OS reports a contradiction: %v - but we cannot connect to it, with this error: %v; continuing anyway 🤞", listenErr, connectErr)
    	return nil, nil
    }

Here is how I used the library:

    // SETUP TLS
    certmagic.DefaultACME.Email = "[email protected]"
    certmagic.DefaultACME.Agreed = true
    certmagic.DefaultACME.DisableHTTPChallenge = true
    // bugfix will come here
    certConfig := certmagic.NewDefault()
    certConfig.Storage = &certmagic.FileStorage{
    	Path: stateDir + ".certmagic",
    }
    tlsConfig := certConfig.TLSConfig()
    tlsConfig.NextProtos = append([]string{"h2", "http/1.1"}, tlsConfig.NextProtos...)
    ln, err = tls.Listen("tcp", addr, tlsConfig)
    if err != nil {
    	return err
    }
    if err := certConfig.ManageAsync(ctx, domains); err != nil { // async to prevent systemd restart
    	return fmt.Errorf("could not manage TLS certificates: %v", err)
    }

However, the addr variable is not just a port (:443), but a full IPv6 address ([1234::1]:443).
So it probably went like this:
- my program binds to [1234::1]:443
- certmagic tries to dial :443: no reply since I am not listening everywhere
- certmagic tries to bind :443: failure since this port is not free for [1234::1]
In my case, the solution was to adjust certmagic.DefaultACME.ListenHost:

    certmagic.DefaultACME.DisableHTTPChallenge = true
    certmagic.DefaultACME.ListenHost, _, err = net.SplitHostPort(addr)
    if err != nil {
    	return err
    }
    logger.Log("listen-host", certmagic.DefaultACME.ListenHost)

Maybe this information can help craft a better error message?
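
The address mismatch described in this issue, as an added Go example that is neither certmagic code nor the issue author's: it derives the solver host from the application's listen address and predicts the bind/probe outcome. `ListenHostFor`, `Classify` and the outcome names are hypothetical, and the prediction assumes both sockets use the same port and follows the issue's own explanation of the warning.

```go
package main

import (
	"fmt"
	"net"
)

// Predicted outcomes when a solver wants a port the application already holds.
const (
	Shared        = "shared"        // bind fails, probe connects
	Contradiction = "contradiction" // bind fails, probe refused (the logged warning)
	Free          = "free"          // bind succeeds on another local address
)

// isWildcard reports whether host means "all local addresses" ("", 0.0.0.0, ::).
func isWildcard(host string) bool {
	return host == "" || net.ParseIP(host).IsUnspecified()
}

// ListenHostFor returns the host part of the application's listen address,
// normalising wildcard forms to "". An address without a port is an error.
func ListenHostFor(appAddr string) (string, error) {
	host, _, err := net.SplitHostPort(appAddr)
	if err != nil || isWildcard(host) {
		return "", err
	}
	return host, nil
}

// Classify predicts the result for a solver using solverHost on the same port
// as appAddr (hypothetical helper; IP literals are compared by value).
func Classify(appAddr, solverHost string) (string, error) {
	appHost, err := ListenHostFor(appAddr)
	if err != nil {
		return "", err
	}
	a := net.ParseIP(appHost)
	if appHost == "" || solverHost == appHost || (a != nil && a.Equal(net.ParseIP(solverHost))) {
		return Shared, nil
	}
	if isWildcard(solverHost) { // specific application address, wildcard solver
		return Contradiction, nil
	}
	return Free, nil
}

func main() {
	fmt.Println(Classify("[1234::1]:443", "")) // constructed input taken from the issue
}
```
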