1. Caddy version (caddy version):
v2.0.0 h1:pQSaIJGFluFvu8KDGDODV8u4/QRED/OPyIR+MWYYse8=
2. How I run Caddy:
a. System environment:
Distributor ID: Ubuntu
Description: Ubuntu 18.04.4 LTS
Release: 18.04
Codename: bionic
Direct install from apt
b. Command:
caddy run
c. Service/unit/compose file:
NONE
d. My complete Caddyfile or JSON config:
{
    debug
    acme_ca "https://acme-staging-v02.api.letsencrypt.org/directory"
    email "<email>"
    experimental_http3
}
sub1.domain.com {
    reverse_proxy 192.168.1.2:1000
}
sub2.domain.com {
    reverse_proxy 192.168.1.2:1001
}
sub3.domain.com {
    reverse_proxy 192.168.1.2:1003
}
3. The problem I’m having:
Despite no explicit statement of localhost, Caddy will keep on trying to get a TLS certificate for localhost or 127.0.0.1.
4. Error messages and/or full log output:
root in /etc/caddy took 2s [I] ➜ caddy run ✘1
2020/06/04 06:01:01.114 INFO using adjacent Caddyfile
2020/06/04 06:01:01.116 INFO admin admin endpoint started {"address": "tcp/localhost:2019", "enforce_origin": false, "origins": ["[::1]:2019", "127.0.0.1:2019", "localhost:2019"]}
2020/06/04 06:01:01.116 INFO http server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS {"server_name": "srv0", "https_port": 443}
2020/06/04 06:01:01.117 INFO http enabling automatic HTTP->HTTPS redirects {"server_name": "srv0"}
2020/06/04 06:01:01.119 INFO tls cleaned up storage units
2020/06/04 06:01:01.119 INFO http enabling experimental HTTP/3 listener {"addr": ":443"}
2020/06/04 06:01:01.120 DEBUG http starting server loop {"address": "[::]:443", "http3": true, "tls": true}
2020/06/04 06:01:01.120 DEBUG http starting server loop {"address": "[::]:80", "http3": false, "tls": false}
2020/06/04 06:01:01.120 INFO http enabling automatic TLS certificate management {"domains": ["sub1.domain.com","sub2.domain.com","sub3.domain.com"]}
2020/06/03 23:01:01 [INFO][cache:0xc0006cf950] Started certificate maintenance routine
2020/06/04 06:01:01.420 INFO autosaved config {"file": "/root/.config/caddy/autosave.json"}
2020/06/04 06:01:01.420 INFO serving initial configuration
2020/06/03 23:01:07 http: TLS handshake error from 127.0.0.1:50198: no certificate available for '127.0.0.1'
2020/06/03 23:01:10 http: TLS handshake error from [::1]:40566: no certificate available for 'localhost'
2020/06/03 23:01:17 http: TLS handshake error from 127.0.0.1:50208: no certificate available for '127.0.0.1'
2020/06/03 23:01:20 http: TLS handshake error from [::1]:40576: no certificate available for 'localhost'
2020/06/03 23:01:27 http: TLS handshake error from 127.0.0.1:50218: no certificate available for '127.0.0.1'
2020/06/03 23:01:30 http: TLS handshake error from [::1]:40586: no certificate available for 'localhost'
2020/06/03 23:01:37 http: TLS handshake error from 127.0.0.1:50228: no certificate available for '127.0.0.1'
2020/06/03 23:01:40 http: TLS handshake error from [::1]:40596: no certificate available for 'localhost'
2020/06/03 23:01:47 http: TLS handshake error from 127.0.0.1:50238: no certificate available for '127.0.0.1'
2020/06/03 23:01:50 http: TLS handshake error from [::1]:40608: no certificate available for 'localhost'
^C2020/06/04 06:01:53.038 INFO shutting down {"signal": "SIGINT"}
2020/06/03 23:01:53 [DEBUG] Fake-closing underlying packet conn
2020/06/03 23:01:53 [INFO][cache:0xc0006cf950] Stopped certificate maintenance routine
2020/06/04 06:01:53.038 INFO admin stopped previous server
2020/06/04 06:01:53.038 INFO shutdown done {"signal": "SIGINT"}
5. What I already tried:
I tried explicitly adding a :80 and a :443 directive, but kept on getting an error.
I also tried searching the forums, but did not find a relevant question/answer.
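Added example, not part of the original post: a Python script that groups the `TLS handshake error` lines from the log above by client address and requested name and measures the interval between them. In these lines the address after `from` is the connecting client, so a fixed interval from a loopback address indicates a local process polling port 443; `summarize` and the regex are this example's own names, and the sample lines are copied from the log above.

```python
import ipaddress
import re
from collections import defaultdict
from datetime import datetime

# Handshake-error lines copied from the log above, plus one unrelated line.
SAMPLE_LOG = """\
2020/06/04 06:01:01.420 INFO serving initial configuration
2020/06/03 23:01:07 http: TLS handshake error from 127.0.0.1:50198: no certificate available for '127.0.0.1'
2020/06/03 23:01:10 http: TLS handshake error from [::1]:40566: no certificate available for 'localhost'
2020/06/03 23:01:17 http: TLS handshake error from 127.0.0.1:50208: no certificate available for '127.0.0.1'
2020/06/03 23:01:20 http: TLS handshake error from [::1]:40576: no certificate available for 'localhost'
2020/06/03 23:01:27 http: TLS handshake error from 127.0.0.1:50218: no certificate available for '127.0.0.1'
2020/06/03 23:01:30 http: TLS handshake error from [::1]:40586: no certificate available for 'localhost'
"""

LINE_RE = re.compile(
    r"^(?P<ts>\d{4}/\d\d/\d\d \d\d:\d\d:\d\d) http: TLS handshake error from "
    r"(?P<peer>\[[0-9A-Fa-f:]+\]|[\d.]+):\d+: "
    r"no certificate available for '(?P<name>[^']*)'"
)

def summarize(log_text):
    """Group handshake errors by (client address, requested name)."""
    seen = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m is None:
            continue  # not a handshake-error line
        peer = m["peer"].strip("[]")  # drop the brackets around IPv6 addresses
        stamp = datetime.strptime(m["ts"], "%Y/%m/%d %H:%M:%S")
        seen[(peer, m["name"])].append(stamp)
    report = {}
    for (peer, name), stamps in seen.items():
        stamps.sort()
        gaps = [int((b - a).total_seconds()) for a, b in zip(stamps, stamps[1:])]
        report[(peer, name)] = {
            "count": len(stamps),
            "gaps_s": gaps,
            # identical gaps suggest a timer-driven client (health check, monitor)
            "periodic": len(gaps) >= 2 and len(set(gaps)) == 1,
            "loopback": ipaddress.ip_address(peer).is_loopback,
        }
    return report

if __name__ == "__main__":
    for key, info in summarize(SAMPLE_LOG).items():
        print(key, info)
```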