Caddy Server - getting error for local domain - "Certificate is not valid"

Nafis_Hasan · March 18, 2023, 11:17am

I have installed caddy with the following docker compose so that I can use it as a reverse proxy for one of my wordpress installation.

services:
  caddy:
    image: caddy:2.6.4-alpine
    container_name: caddy
    ports:
      - 80:80
      - 443:443
    volumes:
      - /mnt/wp1:/var/www/html
      - /mnt/caddy/caddy_data:/data
      - /mnt/caddy/caddy_config:/config
      - /mnt/caddy/Caddyfile:/etc/caddy/Caddyfile
    environment:
        ACME_AGREE: 'true'
    restart: always

Here is my Caddyfile.

raspberry2.local {
    reverse_proxy 192.168.142.135:8982
    file_server
    tls internal
}

**Issue - Getting “Not Secure”, “Certificate is not valid” error. Please check the following screenshot. **

How to resolve this issue?

I tried making necessary changes in the Caddyfile but still getting “Not Secure”, “Certificate is not valid” error.

fvbommel · March 18, 2023, 9:21pm

You’re not using a “public” domain name, so Caddy can’t get a trusted certificate for it. You’ve also set tls internal, so it won’t even try. Caddy will try to install its own self-signed TLS root, but since you’re running it in a container it can’t successfully do that automatically.

You should be able to grab that self-signed root certificate from /mnt/caddy/caddy_data/caddy/pki/authorities/local/root.crt and manually install it on your system (or maybe “locally” in your browser) as a trusted root.

francislavoie · March 19, 2023, 3:24am

FYI you can remove this, this was only needed for Caddy v1. Caddy v2 doesn’t use this env var at all.

system · April 18, 2023, 3:24am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.