1. Caddy version (caddy version): 2.4.0
2. How I run Caddy:
caddy start
c. Service/unit/compose file:
NIL
#### Generic HTTPS reverse proxy configuration for public hosting; GoDaddy SSL certificate
4. Error messages and/or full log output:
No log written, log level : Debug
We just bought an F5 ASM Web Access Firewall (4600). We have a public website written in Go and Vue.js, reverse proxied from Caddy. After configuring the WAF for the webserver, it is sending an empty response. Before this, our app was working perfectly with TLS 1.3 (GoDaddy SHA256 wildcard certificate). The firewall configuration works for non-Caddy servers (IIS, Apache).
The server-side SSL handshake between the WAF and Caddy is not happening. I analysed the traffic using Wireshark and found that I was receiving SSL handshake failure Server [FIN, ACK]. The secured TCP connection is not completing and the client is receiving an empty response. The firewall is configured in TLS termination mode with the same SSL certificate (public cert, private key, certificate chain) for client-side encryption and server-side encryption.
5. What I already tried:
I enabled SSL offloading on the WAF, disabling server-side encryption. Now my client-side traffic is encrypted and WAF-to-server traffic is HTTP.