Caddy v2 reverse proxy config for server already running on 443

1. My Caddy version (caddy version):


2. How I run Caddy:

caddy run (for now, but eventually as systemd service)

a. System environment:

Ubuntu 18.04

b. Command:

paste command here

c. Service/unit/compose file:

paste full file contents here

d. My complete Caddyfile or JSON config: {


3. The problem I’m having:

I have a meeting server running on port 443

4. Error messages and/or full log output:

http.log.error x509: cannot validate certificate for because it doesn't contain any IP SANs {"request": {"method": "GET", "uri": "/", "proto": "HTTP/2.0", "remote_addr": "x.x.x.x:45477", "host": "", "headers": {"Sec-Fetch-User": ["?1"], "Sec-Fetch-Dest": ["document"], "User-Agent": ["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64"], "Sec-Fetch-Site": ["none"], "Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9"], "Sec-Fetch-Mode": ["navigate"], "Accept-Encoding": ["gzip, deflate, br"], "Accept-Language": ["en-US,en;q=0.9"], "Dnt": ["1"], "Upgrade-Insecure-Requests": ["1"]}, "tls": {"resumed": false, "version": 772, "ciphersuite": 4865, "proto": "h2", "proto_mutual": true, "server_name": ""}}, "status": 502, "err_id": "4uhmencab", "err_trace": "reverseproxy.(*Handler).ServeHTTP (reverseproxy.go:362)"}

5. What I already tried:

this is my caddy v1 Caddyfile {

  proxy / {
 errors /opt/meet_errors.log

6. Links to relevant resources:

The proxied server also has acme certs, running behind an nginx proxy. i tried pointing it to the internal port 4444 but still get the same error

This is an instance of jitsi-meet server

Mysterious are the ways of the reverse proxy transport. The greatest teacher, failure is!

Disable security checks, you must:

reverse_proxy {
    transport http {

But, hmm… to a dark place this line of thought will carry us. Great care we must take. Once you start down the tls_insecure_skip_verify path, forever will it dominate your destiny. Consume you, it will.


To thank you very much, have I, that worked. Hmmmmmm.

May the force be with you


a simple, stupid syntax…i made… hmmmm

conspiracy it is, this syntax is … missed {}

:joy: :rofl:


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.