Cannot proxy HTTPS

So I have a Master caddy version 1.0.3 on Windows which redirects to other servers inside the LAN.

The current configuration of the Master is like the following:

http://example.com {
    proxy / http://192.168.1.153:80 {
        transparent
    }
}

https://example.com {
    proxy / https://192.168.1.153:443 {
        transparent
    }
}

And the configuration of the caddy at 192.168.1.153 is the following:

http://example.com, https://example.com {
    root /example.com
}

http://example.com works fine but https://example.com gives 502 Bad Gateway.

If I use insecure_skip_verify I receive 403… And I don’t want to use it anyway.

Both 80 and 443 are open on the router and redirecting to the Master caddy. There must be something wrong with my configuration but I cannot see what it is.

P.S.

I have tried:

192.168.1.153:443

https://192.168.1.153

None seem to work.

Hi @Robert_Artenie, welcome to the Caddy community!

Does your secondary Caddy server have a valid certificate? The primary server doesn’t seem to think so, because 502 means a problem connecting to upstream (almost certainly because of the certificate) but 403 means we connected OK (but the secondary server didn’t want to give us anything).

Both machines share the same .caddy folder, I’m on Windows and the documentation isn’t very clear on this. I guess certs are there as the second machine doesn’t give an error about certs. Nothing shows up in the logs anyway…

What do you get from running curl -IH "Host:example.com" https://192.168.1.153:443 (swapping example.com out for your real domain)?

While we’re at it, this line, if you’re running on Windows…:

…is probably going to cause problems. I’m not even sure how this one works when you need to specify a drive letter in order to start an absolute path. But if the Caddy server doesn’t have permissions to access whatever’s in the root, that would explain the 403 errors.
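Added example, not part of the thread and not Caddy's own code: a sketch of the name check a verifying TLS client applies to an upstream certificate, showing why an upstream dialled by IP can fail verification while the same certificate is valid for the domain. It assumes the secondary's certificate names only example.com, which the thread does not confirm; `upstream_name_ok`, `diagnose` and `SECONDARY_CERT` are hypothetical names.

```python
import ipaddress


def _dns_match(pattern: str, host: str) -> bool:
    """Match a dNSName SAN against a host; '*' may only stand for the whole left-most label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        # Reject over-broad patterns such as "*.com".
        return len(p) > 2 and p[1:] == h[1:]
    return p == h


def upstream_name_ok(upstream_host: str, cert: dict) -> bool:
    """True if a verifying client dialling upstream_host would accept the cert's names.

    cert has the shape returned by ssl.SSLSocket.getpeercert().
    """
    sans = cert.get("subjectAltName", ())
    try:
        ip = ipaddress.ip_address(upstream_host)
    except ValueError:
        ip = None
    if ip is not None:
        # An IP literal is compared only with "IP Address" SAN entries, never with DNS names.
        return any(kind == "IP Address" and ipaddress.ip_address(value) == ip
                   for kind, value in sans)
    return any(kind == "DNS" and _dns_match(value, upstream_host)
               for kind, value in sans)


# Constructed sample (assumption): a certificate issued for the public name only.
SECONDARY_CERT = {"subjectAltName": (("DNS", "example.com"),)}


def diagnose(upstreams, cert=SECONDARY_CERT):
    """Map each upstream address to whether the certificate's names cover it."""
    return {u: upstream_name_ok(u, cert) for u in upstreams}


if __name__ == "__main__":
    for host, ok in diagnose(["192.168.1.153", "example.com"]).items():
        print(f"{host:15} -> {'names match' if ok else 'name mismatch, verification fails'}")
```

To inspect a live upstream, feed the dictionary from `ssl.SSLSocket.getpeercert()` into `upstream_name_ok` in place of the constructed sample.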
