Caddy running alongside IIS = Port Conundrum

1. The problem I’m having:

I am running Caddy alongside IIS to run an AMP application management server that uses port 8080.

After some troubleshooting, I’ve found that the “World Wide Web Publishing Service” is what IIS uses. When I turn this service off, I can get Caddy to work: it creates a certificate and I can resolve my DNS using HTTPS.

Unfortunately, I need IIS running to run my websites.

Any ideas on how I can get them both running at the same time? Or is this impossible?

2. Error messages and/or full log output:

C:\caddy>c:\caddy\caddy.exe reverse-proxy --from amp.watchbound.com --to localhost:8080
2024/11/01 00:12:13.948 WARN   admin   admin endpoint disabled
2024/11/01 00:12:13.948 INFO   tls.cache.maintenance   started background certificate maintenance      {"cache": "0xc00040d280"}
2024/11/01 00:12:13.948 INFO   http.auto_https server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS {"server_name": "proxy", "https_port": 443}
2024/11/01 00:12:13.964 INFO   http.auto_https enabling automatic HTTP->HTTPS redirects        {"server_name": "proxy"}
2024/11/01 00:12:13.964 INFO   tls.cache.maintenance   stopped background certificate maintenance      {"cache": "0xc00040d280"}
Error: loading new config: http app module: start: listening on :443: listen tcp :443: bind: An attempt was made to access a socket in a way forbidden by its access permissions.

3. Caddy version:

2.8.4

4. How I installed and ran Caddy:

Set up Caddy with NSSM to run as a service. Created a batch script with the below input to run. Worked fine for my purposes when IIS is not running.

a. System environment:

Windows Server 2022 Datacenter

b. Command:

c:\caddy\caddy.exe reverse-proxy --from amp.watchbound.com --to localhost:8080

pause

c. Service/unit/compose file:


d. My complete Caddy config:


5. Links to relevant resources:

You probably want to review your site bindings in IIS and ensure that none of them are using port 443.

I don’t believe IIS should be binding port 443 if none of the active sites have site bindings for it. I know some Windows Server services set up IIS bindings, WSUS for example, that would probably not be feasible to move to another port.

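One way to carry out the binding review suggested in the reply above, as an added example that is not part of the thread: it shows which process owns the listener on port 443, which IIS sites are bound to it, and which certificate bindings HTTP.sys holds. It assumes an elevated PowerShell session on the server and, for the IIS step, the WebAdministration module that ships with the IIS management tools.

```powershell
# Added example (not from the thread): find what holds TCP 443 on a Windows host.
# Assumption: run from an elevated PowerShell prompt.
$port = 443

# 1. Which process owns the listening socket?
#    PID 4 (System) means the port is held by HTTP.sys, the kernel driver
#    that IIS listens through, rather than by a user-mode process.
Get-NetTCPConnection -LocalPort $port -State Listen -ErrorAction SilentlyContinue |
    ForEach-Object {
        $proc = Get-Process -Id $_.OwningProcess -ErrorAction SilentlyContinue
        [pscustomobject]@{
            LocalAddress = $_.LocalAddress
            LocalPort    = $_.LocalPort
            PID          = $_.OwningProcess
            Process      = $proc.ProcessName
        }
    } | Format-Table -AutoSize

# 2. Which IIS sites have a binding on that port?
#    bindingInformation has the form "IP:port:hostname", e.g. "*:443:example.com".
if (Get-Module -ListAvailable -Name WebAdministration) {
    Import-Module WebAdministration
    Get-ChildItem IIS:\Sites | ForEach-Object {
        $site = $_
        $site.Bindings.Collection |
            Where-Object { $_.bindingInformation -match ":${port}:" } |
            ForEach-Object {
                [pscustomobject]@{
                    Site     = $site.Name
                    State    = $site.State
                    Protocol = $_.protocol
                    Binding  = $_.bindingInformation
                }
            }
    } | Format-Table -AutoSize
}
else {
    Write-Warning "WebAdministration module not found; skipping the IIS binding check."
}

# 3. Which TLS certificate bindings does HTTP.sys hold (IP:port and hostname:port)?
netsh http show sslcert
```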

Unfortunately, in order for my websites to be assigned their SSL certificates, they need to use port 443.

I might be :poop: out of luck

I ended up figuring out how to create a reverse proxy using IIS by installing the Application Request Routing and enabling reverse proxy.
This request is resolved.
