Port usage contradiction error #250

@oliverpool

What would you like to have changed?

I have seen the message below in my logs:

[WARNING] OS reports a contradiction: listen tcp :443: bind: address already in use - but we cannot connect to it, with this error: dial tcp :443: connect: connection refused; continuing anyway 🤞 (I don't know what causes this... if you do, please help?)

certmagic/solvers.go

Lines 385 to 389 in 03d0645

		if strings.Contains(listenErr.Error(), "address already in use") ||
			strings.Contains(listenErr.Error(), "one usage of each socket address") {
			log.Printf("[WARNING] OS reports a contradiction: %v - but we cannot connect to it, with this error: %v; continuing anyway 🤞", listenErr, connectErr)
			return nil, nil
		}

Here is how I used the library:

		// SETUP TLS
		certmagic.DefaultACME.Email = "redacted@example.org"
		certmagic.DefaultACME.Agreed = true
		certmagic.DefaultACME.DisableHTTPChallenge = true

		// bugfix will come here

		certConfig := certmagic.NewDefault()
		certConfig.Storage = &certmagic.FileStorage{
			Path: stateDir + ".certmagic",
		}
		tlsConfig := certConfig.TLSConfig()
		tlsConfig.NextProtos = append([]string{"h2", "http/1.1"}, tlsConfig.NextProtos...)

		ln, err = tls.Listen("tcp", addr, tlsConfig)
		if err != nil {
			return err
		}

		if err := certConfig.ManageAsync(ctx, domains); err != nil { // async to prevent systemd restart
			return fmt.Errorf("could not manage TLS certificates: %v", err)
		}

However, the addr variable is not just a port (:443), but a full IPv6 address ([1234::1]:443).

So it probably went like this:

  • my program binds to [1234::1]:443
  • certmagic tries to dial :443: no reply since I am not listening everywhere
  • certmagic tries to bind :443: failure since this port is not free for [1234::1]

In my case, the solution was to adjust certmagic.DefaultACME.ListenHost

		certmagic.DefaultACME.DisableHTTPChallenge = true
		certmagic.DefaultACME.ListenHost, _, err = net.SplitHostPort(addr)
		if err != nil {
			return err
		}
		logger.Log("listen-host", certmagic.DefaultACME.ListenHost)

Maybe this information can help craft a better error message?
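The sequence described in this issue, as an added example that is not part of the original post and is not certmagic's own code: a dial-then-listen probe run once against the wildcard address and once against the host the listener actually binds. The names `classify` and `probe` are hypothetical, and `127.0.0.2` is a constructed stand-in for `[1234::1]` that assumes a Linux host, where all of 127.0.0.0/8 is loopback.

```go
package main

import (
	"fmt"
	"net"
	"strings"
	"time"
)

// classify interprets a dial-then-listen probe of one host:port.
func classify(dialErr, listenErr error) string {
	switch {
	case dialErr == nil:
		return "reachable" // something answered on the probed address
	case listenErr == nil:
		return "free" // nothing answered and the bind succeeded
	case strings.Contains(listenErr.Error(), "address already in use"),
		strings.Contains(listenErr.Error(), "one usage of each socket address"):
		return "contradiction" // port is taken, but not on the host we dialed
	}
	return "listen failed: " + listenErr.Error()
}

// probe dials host:port and, if nothing answers, tries to bind it.
func probe(host, port string) string {
	addr := net.JoinHostPort(host, port) // host "" gives ":port"
	conn, dialErr := net.DialTimeout("tcp", addr, 250*time.Millisecond)
	if dialErr == nil {
		conn.Close()
		return classify(nil, nil)
	}
	ln, listenErr := net.Listen("tcp", addr)
	if listenErr == nil {
		ln.Close()
	}
	return classify(dialErr, listenErr)
}

func main() {
	// Constructed setup: 127.0.0.2 stands in for [1234::1] from the issue.
	ln, err := net.Listen("tcp", "127.0.0.2:0")
	if err != nil {
		fmt.Println("demo skipped:", err)
		return
	}
	defer ln.Close()
	// Same call as the fix in the issue: recover the host the listener uses.
	host, port, _ := net.SplitHostPort(ln.Addr().String())
	fmt.Println("probe of wildcard :"+port, "->", probe("", port))
	fmt.Println("probe of "+host+":"+port, "->", probe(host, port))
}
```
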
