When running the following code I get the error:
acme: authorization error for domain (where domain is replaced by my actual domain)
Has anyone else had this issue? The error returned does not give that much insight.
package main
import (
"crypto/tls"
"net/http"
"golang.org/x/crypto/acme/autocert"
)
func main() {
certManager := autocert.Manager{
Prompt: autocert.AcceptTOS,
HostPolicy: autocert.HostWhitelist(<domain>), //your domain here
Cache: autocert.DirCache("cache"), //folder for storing certificates
}
http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
w.Write([]byte("Hello world"))
})
server := &http.Server{
Addr: ":8086",
TLSConfig: &tls.Config{
GetCertificate: certManager.GetCertificate,
}
if err := server.ListenAndServeTLS("", ""); err != nil {
print(err.Error())
}
}
Perhaps your server is on port 8086 and the tls challenge is on port 443? Try instead serving on port 443 (You may have to setcap your binary to allow it to do this).
See this issue on lets encrypt: