1. Caddy version (caddy version
): v2.4.3 h1:Y1FaV2N4WO3rBqxSYA8UZsZTQdN+PwcoOcAiZTM8C0I=
2. How I run Caddy: caddy run
a. System environment: mac os(big sur)
b. Command:
caddy run
c. Service/unit/compose file: I’m not using any containers
hello.life {
reverse_proxy localhost:3000
}
api.hello.life {
reverse_proxy localhost:4000
}
d. My complete Caddyfile or JSON config:
hello.life {
reverse_proxy localhost:3000
}
api.hello.life {
reverse_proxy localhost:4000
}
3. The problem I’m having: unable to use custom domains while running caddy
4. Error messages and/or full log output:
{"level":"info","ts":1631246838.3194711,"msg":"using adjacent Caddyfile"}
{"level":"warn","ts":1631246838.327212,"msg":"input is not formatted with 'caddy fmt'","adapter":"caddyfile","file":"Caddyfile","line":2}
{"level":"info","ts":1631246838.340451,"logger":"admin","msg":"admin endpoint started","address":"tcp/localhost:2019","enforce_origin":false,"origins":["localhost:2019","[::1]:2019","127.0.0.1:2019"]}
{"level":"info","ts":1631246838.351688,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0xc000546540"}
{"level":"info","ts":1631246838.361684,"logger":"http","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv0","https_port":443}
{"level":"info","ts":1631246838.3618271,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
{"level":"info","ts":1631246838.367006,"logger":"tls","msg":"cleaning storage unit","description":"FileStorage:/Users/avi/Library/Application Support/Caddy"}
{"level":"info","ts":1631246838.3693912,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["api.hello.life","hello.life"]}
{"level":"info","ts":1631246838.373826,"logger":"tls.obtain","msg":"acquiring lock","identifier":"api.hello.life"}
{"level":"info","ts":1631246838.373835,"msg":"autosaved config (load with --resume flag)","file":"/Users/avi/Library/Application Support/Caddy/autosave.json"}
{"level":"info","ts":1631246838.37485,"msg":"serving initial configuration"}
{"level":"info","ts":1631246838.377813,"logger":"tls.obtain","msg":"acquiring lock","identifier":"hello.life"}
{"level":"info","ts":1631246838.393932,"logger":"tls.obtain","msg":"lock acquired","identifier":"api.hello.life"}
{"level":"info","ts":1631246838.394253,"logger":"tls","msg":"finished cleaning storage units"}
{"level":"info","ts":1631246838.404062,"logger":"tls.obtain","msg":"lock acquired","identifier":"hello.life"}
{"level":"info","ts":1631246838.419054,"logger":"tls.issuance.acme","msg":"waiting on internal rate limiter","identifiers":["hello.life"],"ca":"https://acme-v02.api.letsencrypt.org/directory","account":""}
{"level":"info","ts":1631246838.41908,"logger":"tls.issuance.acme","msg":"done waiting on internal rate limiter","identifiers":["hello.life"],"ca":"https://acme-v02.api.letsencrypt.org/directory","account":""}
{"level":"info","ts":1631246838.419462,"logger":"tls.issuance.acme","msg":"waiting on internal rate limiter","identifiers":["api.hello.life"],"ca":"https://acme-v02.api.letsencrypt.org/directory","account":""}
{"level":"info","ts":1631246838.4195101,"logger":"tls.issuance.acme","msg":"done waiting on internal rate limiter","identifiers":["api.hello.life"],"ca":"https://acme-v02.api.letsencrypt.org/directory","account":""}
{"level":"info","ts":1631246841.707753,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"hello.life","challenge_type":"tls-alpn-01","ca":"https://acme-v02.api.letsencrypt.org/directory"}
{"level":"info","ts":1631246843.263273,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"api.hello.life","challenge_type":"tls-alpn-01","ca":"https://acme-v02.api.letsencrypt.org/directory"}
{"level":"error","ts":1631246845.62238,"logger":"tls.issuance.acme.acme_client","msg":"challenge failed","identifier":"api.hello.life","challenge_type":"tls-alpn-01","status_code":400,"problem_type":"urn:ietf:params:acme:error:dns","error":"DNS problem: SERVFAIL looking up A for api.hello.life - the domain's nameservers may be malfunctioning"}
{"level":"error","ts":1631246845.622485,"logger":"tls.issuance.acme.acme_client","msg":"validating authorization","identifier":"api.hello.life","error":"authorization failed: HTTP 400 urn:ietf:params:acme:error:dns - DNS problem: SERVFAIL looking up A for api.hello.life - the domain's nameservers may be malfunctioning","order":"https://acme-v02.api.letsencrypt.org/acme/order/136710620/23331096750","attempt":1,"max_attempts":3}
{"level":"info","ts":1631246847.648432,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"api.hello.life","challenge_type":"http-01","ca":"https://acme-v02.api.letsencrypt.org/directory"}
{"level":"error","ts":1631246850.0144582,"logger":"tls.issuance.acme.acme_client","msg":"challenge failed","identifier":"api.hello.life","challenge_type":"http-01","status_code":400,"problem_type":"urn:ietf:params:acme:error:dns","error":"DNS problem: SERVFAIL looking up A for api.hello.life - the domain's nameservers may be malfunctioning"}
{"level":"error","ts":1631246850.0145228,"logger":"tls.issuance.acme.acme_client","msg":"validating authorization","identifier":"api.hello.life","error":"authorization failed: HTTP 400 urn:ietf:params:acme:error:dns - DNS problem: SERVFAIL looking up A for api.hello.life - the domain's nameservers may be malfunctioning","order":"https://acme-v02.api.letsencrypt.org/acme/order/136710620/23331111320","attempt":2,"max_attempts":3}
{"level":"error","ts":1631246852.4044979,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"api.hello.life","issuer":"acme-v02.api.letsencrypt.org-directory","error":"[api.hello.life] solving challenges: api.hello.life: no solvers available for remaining challenges (configured=[http-01 tls-alpn-01] offered=[http-01 dns-01 tls-alpn-01] remaining=[dns-01]) (order=https://acme-v02.api.letsencrypt.org/acme/order/136710620/23331123520) (ca=https://acme-v02.api.letsencrypt.org/directory)"}
{"level":"warn","ts":1631246852.414479,"logger":"tls.issuance.zerossl","msg":"missing email address for ZeroSSL; it is strongly recommended to set one for next time"}
{"level":"info","ts":1631246853.81291,"logger":"tls.issuance.zerossl","msg":"generated EAB credentials","key_id":"aiHeguxQllu84bCBzErqMQ"}
{"level":"error","ts":1631246854.515438,"logger":"tls.issuance.acme.acme_client","msg":"challenge failed","identifier":"hello.life","challenge_type":"tls-alpn-01","status_code":400,"problem_type":"urn:ietf:params:acme:error:dns","error":"DNS problem: SERVFAIL looking up A for hello.life - the domain's nameservers may be malfunctioning"}
{"level":"error","ts":1631246854.5154922,"logger":"tls.issuance.acme.acme_client","msg":"validating authorization","identifier":"hello.life","error":"authorization failed: HTTP 400 urn:ietf:params:acme:error:dns - DNS problem: SERVFAIL looking up A for hello.life - the domain's nameservers may be malfunctioning","order":"https://acme-v02.api.letsencrypt.org/acme/order/136710620/23331093920","attempt":1,"max_attempts":3}
{"level":"error","ts":1631246855.61081,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"api.hello.life","issuer":"acme.zerossl.com-v2-DV90","error":"registering account [mailto:caddy@zerossl.com] with server: fetching new nonce from server: HTTP 504: "}
{"level":"error","ts":1631246855.611053,"logger":"tls.obtain","msg":"will retry","error":"[api.hello.life] Obtain: registering account [mailto:caddy@zerossl.com] with server: fetching new nonce from server: HTTP 504: ","attempt":1,"retrying_in":60,"elapsed":17.216921142,"max_duration":2592000}
{"level":"info","ts":1631246856.9393868,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"hello.life","challenge_type":"http-01","ca":"https://acme-v02.api.letsencrypt.org/directory"}
{"level":"error","ts":1631246859.3924422,"logger":"tls.issuance.acme.acme_client","msg":"challenge failed","identifier":"hello.life","challenge_type":"http-01","status_code":400,"problem_type":"urn:ietf:params:acme:error:dns","error":"DNS problem: SERVFAIL looking up A for hello.life - the domain's nameservers may be malfunctioning"}
{"level":"error","ts":1631246859.3925178,"logger":"tls.issuance.acme.acme_client","msg":"validating authorization","identifier":"hello.life","error":"authorization failed: HTTP 400 urn:ietf:params:acme:error:dns - DNS problem: SERVFAIL looking up A for hello.life - the domain's nameservers may be malfunctioning","order":"https://acme-v02.api.letsencrypt.org/acme/order/136710620/23331134990","attempt":2,"max_attempts":3}
{"level":"error","ts":1631246862.275104,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"hello.life","issuer":"acme-v02.api.letsencrypt.org-directory","error":"[hello.life] solving challenges: hello.life: no solvers available for remaining challenges (configured=[http-01 tls-alpn-01] offered=[http-01 dns-01 tls-alpn-01] remaining=[dns-01]) (order=https://acme-v02.api.letsencrypt.org/acme/order/136710620/23331146290) (ca=https://acme-v02.api.letsencrypt.org/directory)"}
{"level":"warn","ts":1631246862.275466,"logger":"tls.issuance.zerossl","msg":"missing email address for ZeroSSL; it is strongly recommended to set one for next time"}
{"level":"info","ts":1631246862.686527,"logger":"tls.issuance.zerossl","msg":"generated EAB credentials","key_id":"286ofmKUJ2EycgrjLUfZnA"}
{"level":"info","ts":1631246864.524544,"logger":"tls.issuance.acme","msg":"waiting on internal rate limiter","identifiers":["hello.life"],"ca":"https://acme.zerossl.com/v2/DV90","account":""}
{"level":"info","ts":1631246864.524609,"logger":"tls.issuance.acme","msg":"done waiting on internal rate limiter","identifiers":["hello.life"],"ca":"https://acme.zerossl.com/v2/DV90","account":""}
{"level":"info","ts":1631246866.476463,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"hello.life","challenge_type":"http-01","ca":"https://acme.zerossl.com/v2/DV90"}
^C{"level":"info","ts":1631246899.986015,"msg":"shutting down","signal":"SIGINT"}
{"level":"warn","ts":1631246899.9863622,"msg":"exiting; byeee!! 👋","signal":"SIGINT"}
{"level":"info","ts":1631246899.989776,"logger":"tls.cache.maintenance","msg":"stopped background certificate maintenance","cache":"0xc000546540"}
{"level":"info","ts":1631246899.9901881,"logger":"tls.obtain","msg":"releasing lock","identifier":"api.hello.life"}
{"level":"warn","ts":1631246899.99072,"logger":"tls.issuance.acme.acme_client","msg":"HTTP request failed; retrying","url":"https://acme.zerossl.com/v2/DV90/authz/diq8K704YaYo0HjmFfg0VA","error":"performing request: Post \"https://acme.zerossl.com/v2/DV90/authz/diq8K704YaYo0HjmFfg0VA\": context canceled"}
{"level":"error","ts":1631246899.9907572,"logger":"tls.issuance.acme.acme_client","msg":"deactivating authorization","identifier":"hello.life","authz":"https://acme.zerossl.com/v2/DV90/authz/diq8K704YaYo0HjmFfg0VA","error":"request to https://acme.zerossl.com/v2/DV90/authz/diq8K704YaYo0HjmFfg0VA failed after 1 attempts: context canceled"}
{"level":"error","ts":1631246899.990793,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"hello.life","issuer":"acme.zerossl.com-v2-DV90","error":"[hello.life] solving challenges: [hello.life] context canceled (order=https://acme.zerossl.com/v2/DV90/order/GmcaM-g9pVy7dEjqY2sP0Q) (ca=https://acme.zerossl.com/v2/DV90)"}
{"level":"info","ts":1631246899.9913962,"logger":"tls.obtain","msg":"releasing lock","identifier":"hello.life"}
{"level":"error","ts":1631246899.9916852,"logger":"tls","msg":"job failed","error":"api.hello.life: obtaining certificate: context canceled"}
{"level":"error","ts":1631246899.991849,"logger":"tls.obtain","msg":"unable to unlock","identifier":"hello.life","lock_key":"issue_cert_hello.life","error":"remove /Users/avi/Library/Application Support/Caddy/locks/issue_cert_hello.life.lock: no such file or directory"}
{"level":"error","ts":1631246899.991874,"logger":"tls","msg":"job failed","error":"hello.life: obtaining certificate: [hello.life] Obtain: [hello.life] solving challenges: [hello.life] context canceled (order=https://acme.zerossl.com/v2/DV90/order/GmcaM-g9pVy7dEjqY2sP0Q) (ca=https://acme.zerossl.com/v2/DV90)"}
{"level":"info","ts":1631246899.991936,"logger":"admin","msg":"stopped previous server","address":"tcp/localhost:2019"}
{"level":"info","ts":1631246899.9919481,"msg":"shutdown complete","signal":"SIGINT","exit_code":0}
5. What I already tried:
6. Links to relevant resources:
I’ve a caddy server running on my localhost. right now my Caddyfile
looks like as follows:
hello.life {
reverse_proxy localhost:3000
}
api.hello.life {
reverse_proxy localhost:4000
}
unfortunately when I run caddy run
my custom domains are not working in my browser, how do I make it work also make the reverse proxy available?
Thanks for your time.