I’ve been using Caddy for months now (without trouble). But today I had to switch my domain name, and I got in trouble halfway with the Automatic HTTPS.
This is my Caddyfile:
mydomainnothingelse.com {
# empty
}
I ran the command caddy (without any parameters). After a few seconds, it returns this:
Activating privacy features... 2018/12/17 12:50:55 [mydomainnothingelse.com] failed to get certificate: acme: Error 400 - urn:ietf:params:acme:error:connection - Fetching http://mydomainnothingelse.com/.well- known/acme-challenge/9ywCsG5SinZc3CiJfxx9UnwBPF1iVSqR-W0XMZl6TFw: Error getting validation data
I made sure to forward port 80 and 443 from the outside to my internal ip address (192.168.0.113) and point it to port 80 and 443 (again). I’ve also ran setcap to make sure caddy can bind to port 80 and 443, but I’m not sure I did it the right way… sudo setcap cap_net_bind_service=+ep /usr/local/bin/caddy.
I’m so desperate to the point that I ran ulimit -u 8192 /usr/local/bin/caddy (which is normally not needed).
Next thing to check is that Caddy is properly accessible via your external IP address.
Try adding tls self_signed to the site configuration for your domain name and bring up Caddy again. It should launch without trying to request any certificates.
When that’s done, run this in a shell:
curl -kIL example.com
(replacing example.com with your domain name as appropriate)
The response will give us an idea of what LetsEncrypt might be seeing when it tries to initiate an ACME challenge.
I managed to successfully implement the self-signed certificate and ran curl -kIL mydomainnothingelse.com. It returned:
curl: (8) Weird server reply
Any ideas what’s this? Thanks!
Looks like it wasn’t a “weird server reply” so much as “the server said nothing at all and then closed the connection”.
Just to confirm, try this (again substituting your own domain name for example.com):
curl -kIL -H "Host:example.com" 192.168.0.113
We want to see a good Caddy response from this; we’re testing how it responds to a request for your domain name, we’re just connecting directly to it locally instead of resolving it through the external IP.
Just to add to the frustuation, the command returned the same “weird server reply”. Thanks for your help anyways. I’ll try to resolve the problem myself. Maybe I missed something.
(doing it as above might have had it work for HTTP, redirected to the new location, which would have gone via external for HTTPS)
But if it gave you a weird server reply off the bat, it could be that the host in question (192.168.0.113) has a rogue firewall or some other issue meaning that Caddy isn’t listening on the expected ports.
Hi, (and sorry for being inactive for such a long time)
Thanks for all your effort and time. Long story short, I got so frustruated (I worked on this problem for about 9 hours) I decided to do the unprofessional thing and reset my router. It worked and it let me pass. No idea why.
One big problem right now: whenever I decide to write root index.html (or just try root …), the browser gives me this error:
The expected usage is that you designate the directory containing index.html rather than the file itself.
I also recommend you use an absolute path for it wherever possible, so that the ambiguity of relative paths doesn’t come back to bite you in unexpected ways.
If you don’t specify a root at all, Caddy will assume the web root to be the present working directory (i.e. the directory you were in when you launched Caddy).