Caddy Reverse Proxy with Cloudflare DNS [SOLVED]

1. Caddy version (caddy version):

2.3.0

2. How I run Caddy:

system service

a. System environment:

Ubuntu 20.0.4

b. Command:

caddy start

d. My complete Caddyfile or JSON config:

{
    # email to use on Let's Encrypt
    email darthvader@deathstar.com

    # staging CA and debug logging while testing; comment both out for production
    acme_ca https://acme-staging-v02.api.letsencrypt.org/directory
    debug
}

# snippet holding the Cloudflare DNS challenge config
# (a snippet only takes effect in site blocks that import it)
(cloudflare) {
    tls {
        dns cloudflare ABCdefghi
    }
}

yoda.deathstar.com {
    reverse_proxy http://192.168.1.123:80
}


3. The problem I’m having:

I'm unable to get the cert, as I get this error message:

2021/03/24 20:05:54.719 ERROR tls.issuance.acme.acme_client challenge failed {"identifier": "yoda.deathstar.com", "challenge_type": "tls-alpn-01", "status_code": 400, "problem_type": "urn:ietf:params:acme:error:connection", "error": "Timeout during connect (likely firewall problem)"}

I want to use a DNS-01 challenge but I don't know how to do that.

Thanks

4. Error messages and/or full log output:

5. What I already tried:

6. Links to relevant resources:

I was able to make it work with a modified Caddyfile.

(cloudflare) {
    tls {
        dns cloudflare abcdefgg
        alpn disable_tlsalpn_challenge
    }
}

Yep, Cloudflare terminates TLS, so the TLS-ALPN challenge won't work (but Caddy will retry with the HTTP challenge anyway).
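For comparison, here is an added Caddyfile (not from this thread) that makes the DNS-01 path explicit for Caddy 2.3: the Cloudflare token comes from an environment variable instead of being written into the config, the TLS-ALPN challenge is switched off inside the ACME issuer block, and the snippet is actually imported into the site block. It assumes the binary was built with the github.com/caddy-dns/cloudflare module and that CLOUDFLARE_API_TOKEN holds a token scoped to DNS edits for the zone; the hostname and upstream are the thread's own placeholders.

```caddyfile
{
    # ACME account e-mail (placeholder from the thread)
    email darthvader@deathstar.com
    # Staging CA while testing; remove this line for real certificates
    acme_ca https://acme-staging-v02.api.letsencrypt.org/directory
}

# Reusable snippet: DNS-01 via the Cloudflare DNS module.
# Assumption: caddy was built with github.com/caddy-dns/cloudflare and
# CLOUDFLARE_API_TOKEN (DNS-edit scope for this zone) is in Caddy's environment.
(cloudflare) {
    tls {
        issuer acme {
            # Token read from the environment at adapt time; keeps the secret
            # out of the Caddyfile and out of pasted configs.
            dns cloudflare {env.CLOUDFLARE_API_TOKEN}
            # Cloudflare's proxy terminates TLS, so TLS-ALPN-01 can never reach
            # this server; disable it so Caddy does not spend attempts on it.
            disable_tlsalpn_challenge
        }
    }
}

yoda.deathstar.com {
    # The snippet is inert until a site block imports it.
    import cloudflare
    reverse_proxy http://192.168.1.123:80
}
```

After adapting (caddy adapt --config Caddyfile), the issuer's challenges section should show tls-alpn disabled and a dns block for the cloudflare provider.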

This topic was automatically closed after 30 days. New replies are no longer allowed.