Remove this, it’s redundant. Caddy default to TLS 1.2 as minimum and the maximum that exists currently is TLS 1.3. Having this in your config would prevent a future version of Caddy from being able to automatically enable some theoretical TLS 1.4 if/when that is introduced. Let Caddy do the smart thing.
Are you sure you need this? You already have a code subdomain.
You made a request to localhost but you configured your domain as code.chrisshort.net. Make a request to code.chrisshort.net instead and it should work. You didn’t configure Caddy to serve a certificate for localhost.