Sorry to open this again, but now my main server (the one :80 and :443 are forwarded to) stopped having a certificate for my Tailscale domain, but the other 3 domains I’m serving from the same Caddy instance are working just fine.
May 06 13:40:14 azabache caddy[328148]: {"level":"debug","ts":1651844414.714738,"logger":"tls.handshake","msg":"no matching certificates and no custom selection logic","identifier":"azabache.narwhal-nominal.ts.net"}
May 06 13:40:14 azabache caddy[328148]: {"level":"debug","ts":1651844414.7148476,"logger":"tls.handshake","msg":"no matching certificates and no custom selection logic","identifier":"*.narwhal-nominal.ts.net"}
May 06 13:40:14 azabache caddy[328148]: {"level":"debug","ts":1651844414.7149622,"logger":"tls.handshake","msg":"no matching certificates and no custom selection logic","identifier":"*.*.ts.net"}
May 06 13:40:14 azabache caddy[328148]: {"level":"debug","ts":1651844414.7150018,"logger":"tls.handshake","msg":"no matching certificates and no custom selection logic","identifier":"*.*.*.net"}
May 06 13:40:14 azabache caddy[328148]: {"level":"debug","ts":1651844414.7150383,"logger":"tls.handshake","msg":"no matching certificates and no custom selection logic","identifier":"*.*.*.*"}
May 06 13:40:14 azabache caddy[328148]: {"level":"debug","ts":1651844414.715091,"logger":"tls.handshake","msg":"no certificate matching TLS ClientHello","server_name":"azabache.narwhal-nominal.ts.net","remote":"100.106.90.42:50309","identifier":"azabache.narwhal-nominal.ts.net","cipher_suites":[4865,4867,4866,49195,49199,52393,52392,49196,49200,49162,49161,49171,49172,156,157,47,53],"cert_cache_fill":0.0003,"load_if_necessary":true,"obtain_if_necessary":true,"on_demand":false}
May 06 13:40:14 azabache caddy[328148]: {"level":"debug","ts":1651844414.7153354,"logger":"http.stdlib","msg":"http: TLS handshake error from 100.106.90.42:50309: no certificate available for 'azabache.narwhal-nominal.ts.net'"}
Update to include Caddyfile
{
	debug
	servers {
		protocol {
			experimental_http3
		}
	}
}
azabache.narwhal-nominal.ts.net {
	encode zstd gzip
	rewrite * /admin{uri}
	reverse_proxy localhost:1080
	log {
		output file /var/log/caddy/pihole.log
	}
}
chat.pinayalcachofa.es {
	encode zstd gzip
	reverse_proxy localhost:3000
	log {
		output file /var/log/caddy/rocket-chat.log
	}
}
manual.pinayalcachofa.es {
	encode zstd gzip
	reverse_proxy unix//var/discourse/shared/standalone/nginx.http.sock
	log {
		output file /var/log/caddy/discourse.log
	}
}
metricas.pinayalcachofa.es {
	encode zstd gzip
	reverse_proxy 192.168.10.65:3000
	log {
		output file /var/log/caddy/grafana.log
	}
}
Update 2:
After being stuck on this for a while, I’ve decided to open a new topic, as it’s a different issue: No matching certificate for Tailscale domain
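A triage helper for debug output like the lines in the post above, as an added example that is not part of the original post: it groups Caddy `tls.handshake` failures by requested server name, with the identifiers tried and the client addresses seen. It assumes one JSON object per line after the journald prefix and handshakes that are not interleaved; the sample lines are constructed, shortened copies of the shapes in the post.

```python
import json

NO_MATCH = "no matching certificates and no custom selection logic"
NO_CERT = "no certificate matching TLS ClientHello"
P = "May 06 13:40:14 azabache caddy[328148]: "  # journald prefix

# Constructed sample: shortened copies of the line shapes shown in the post.
SAMPLE = [
    P + '{"logger":"tls.handshake","msg":"%s","identifier":"azabache.narwhal-nominal.ts.net"}' % NO_MATCH,
    P + '{"logger":"tls.handshake","msg":"%s","identifier":"*.narwhal-nominal.ts.net"}' % NO_MATCH,
    P + '{"logger":"tls.handshake","msg":"%s","server_name":"azabache.narwhal-nominal.ts.net",'
        '"remote":"100.106.90.42:50309","on_demand":false}' % NO_CERT,
    P + '{"logger":"http.stdlib","msg":"http: TLS handshake error from 100.106.90.42:50309"}',
    "May 06 13:40:13 azabache systemd[1]: Started Caddy.",
]


def parse_line(line):
    """Return the JSON record that follows the journald prefix, or None."""
    start = line.find("{")
    if start < 0:
        return None
    try:
        return json.loads(line[start:])
    except json.JSONDecodeError:
        return None


def summarize(lines):
    """Map each server name that got no certificate to its failure details."""
    failures, tried = {}, []
    for line in lines:
        rec = parse_line(line)
        if not rec or rec.get("logger") != "tls.handshake":
            continue
        if rec.get("msg") == NO_MATCH:
            # One record per identifier (exact name, then wildcards) looked up.
            tried.append(rec.get("identifier"))
        elif rec.get("msg") == NO_CERT:
            e = failures.setdefault(rec.get("server_name"),
                                    {"count": 0, "remotes": set(), "tried": []})
            e["count"] += 1
            e["remotes"].add(rec.get("remote", "").rsplit(":", 1)[0])  # drop port
            e["tried"], tried = tried, []
    return failures


if __name__ == "__main__":
    for name, info in summarize(SAMPLE).items():
        print(name, info["count"], sorted(info["remotes"]), info["tried"])
```

To run it on real output, pass the lines of `journalctl -u caddy` to `summarize` instead of `SAMPLE`.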