[caddy2.9.1] warns skipped because it requires TLS

deip · January 15, 2025, 10:57pm

Hi, I just upgraded from caddy 2.8.4 to 2.9.1 and after restarted my caddy container, I see new WARN messages in the logs:

WARN    http    HTTP/2 skipped because it requires TLS  {"network": "tcp", "addr": ":12345"}
WARN    http    HTTP/3 skipped because it requires TLS  {"network": "tcp", "addr": ":12345"}
WARN    http    HTTP/2 skipped because it requires TLS  {"network": "tcp", "addr": ":80"}
WARN    http    HTTP/3 skipped because it requires TLS  {"network": "tcp", "addr": ":80"}

Im exposing some services in raw HTTP, for example

:12345 {
	log http-logger

	@nope not remote_ip private_ranges
	respond @nope "?" 404 {
		close
	}

	crowdsec
	root * /var/www/site
	file_server
}

These services are still working as expected. But I’m not sure how to get rid of those warnings?

fds · January 15, 2025, 11:28pm

It’s really just an entirely harmless reminder that you’re missing out on all the goodies of both HTTP/2 and HTTP/3 by not using https!

If you must, you can silence the warning by spelling out that you’re only enabling HTTP/1.x.

Add this in the global section:

{
	servers {
		protocols h1
	}
}

Note: this goes in the global section, ahead of the per-site configuration part you posted. See the documentation for details.

deip · January 15, 2025, 11:59pm

I see, thx!

Crydsch · January 19, 2025, 1:30pm

Hey, i have the same Warning, also after upgrading.

INF | ts=1737292853.4896452 logger=http.auto_https msg=server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS server_name=srv0 https_port=443 

INF | ts=1737292853.489657 logger=http.auto_https msg=enabling automatic HTTP->HTTPS redirects server_name=srv0 

INF | ts=1737292853.4896927 logger=tls.cache.maintenance msg=started background certificate maintenance cache=0xc000726280 

INF | ts=1737292853.4921868 logger=http msg=enabling HTTP/3 listener addr=:443 

INF | ts=1737292853.4922445 logger=http.log msg=server running name=srv0 protocols=["h1","h2","h3"] 

WRN | ts=1737292853.4922554 logger=http msg=HTTP/2 skipped because it requires TLS network=tcp addr=:80 

WRN | ts=1737292853.4922576 logger=http msg=HTTP/3 skipped because it requires TLS network=tcp addr=:80 

INF | ts=1737292853.4922585 logger=http.log msg=server running name=remaining_auto_https_redirects protocols=["h1","h2","h3"]

I use caddy for https termination and as a reverse proxy.

However, all of my subdomains use the https schema.

https://sub.domain.com {
	reverse_proxy 192.168.123.456:7890
}

Do you know why I get this warning?

system · February 18, 2025, 1:30pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.