Can't get reverse proxy to work

1. The problem I’m having:

I can’t get reverse_proxy to work. It seems to redirect to itself rather than to the host I specify. I have replaced my domain with “example” for privacy, and as you can see I have a .com for the load balancer and a .org for the backend. The loadbalancer is api.example.com and the backend host is kb01.example.org. I’m including only the information on the loadbalancer since I get no traffic whatsoever arriving to kb01. As you can see in the logs in the loadbalancer, no the redirect is pointing to itself and no attempt is made to redirect to kb01.

2. Error messages and/or full log output:

root@lb:~# cat /etc/caddy/Caddyfile 
api.example.com {
	reverse_proxy kb01.example.org
	log {
		output file /var/log/caddy/access.log
	}
}
root@lb:~# caddy reload --config /etc/caddy/Caddyfile
2024/05/10 16:55:37.523	INFO	using provided configuration	{"config_file": "/etc/caddy/Caddyfile", "config_adapter": ""}
root@lb:~# curl -vL https://api.example.com 
*   Trying 149.202.34.249:443...
* Connected to api.example.com (149.202.34.249) port 443 (#0)
* ALPN: offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: /etc/ssl/certs
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256
* ALPN: server accepted h2
* Server certificate:
*  subject: CN=api.example.com
*  start date: May  9 09:33:01 2024 GMT
*  expire date: Aug  7 09:33:00 2024 GMT
*  subjectAltName: host "api.example.com" matched cert's "api.example.com"
*  issuer: C=US; O=Let's Encrypt; CN=R3
*  SSL certificate verify ok.
* using HTTP/2
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 1 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:21 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 3 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:21 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 5 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:21 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 7 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:21 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 9 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:21 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 11 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:21 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 13 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:21 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 15 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:21 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 17 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:21 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 19 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:21 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 21 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:21 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 23 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:21 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 25 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:21 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 27 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:21 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 29 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:21 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 31 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:21 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 33 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:21 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 35 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:22 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 37 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:22 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 39 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:22 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 41 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:22 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 43 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:22 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 45 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:22 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 47 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:22 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 49 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:22 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 51 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:22 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 53 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:22 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 55 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:22 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 57 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:22 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 59 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:22 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 61 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:22 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 63 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:22 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 65 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:22 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 67 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:22 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 69 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:22 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 71 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:22 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 73 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:22 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 75 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:22 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 77 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:22 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 79 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:22 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 81 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:22 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 83 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:22 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 85 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:22 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 87 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:22 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 89 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:22 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 91 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:22 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 93 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:22 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 95 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:22 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 97 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:22 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 99 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:22 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Issue another request to this URL: 'https://api.example.com/'
* Found bundle for host: 0x563731a8e0a0 [can multiplex]
* Re-using existing connection #0 with host api.example.com
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: api.example.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 101 (easy handle 0x563731a94c80)
> GET / HTTP/2
> Host: api.example.com
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< alt-svc: h3=":443"; ma=2592000
< date: Fri, 10 May 2024 16:56:22 GMT
< location: https://api.example.com/
< server: Caddy
< server: Caddy
< content-length: 0
< 
* Connection #0 to host api.example.com left intact
* Maximum (50) redirects followed
curl: (47) Maximum (50) redirects followed

3. Caddy version:

v2.7.6 h1:w0NymbG2m9PcvKWsrXO6EEkY9Ru4FJK8uQbYcev1p3A=

4. How I installed and ran Caddy:

curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list
sudo apt update
sudo apt install caddy

a. System environment:

Debian 12. The output of uname -a:
Linux lb 6.1.0-21-cloud-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.90-1 (2024-05-03) x86_64 GNU/Linux

b. Command:

caddy reload --config /etc/caddy/Caddyfile

c. Service/unit/compose file:

PASTE OVER THIS, BETWEEN THE ``` LINES.
Please use the preview pane to ensure it looks nice.

d. My complete Caddy config:

api.example.com {
	reverse_proxy kb01.example.org
	log {
		output file /var/log/caddy/access.log
	}
}

5. Links to relevant resources:

Caddy’s reverse_proxy makes HTTP requests by default, not HTTPS. If your upstream app is redirecting HTTP to HTTPS, then the result is an infinite redirect loop.

Generally, you should proxy to the HTTP port or your upstream app, if it’s running within the same private network. Proxying over HTTPS adds unnecessary overhead. The important part to encrypt is the traffic over public networks, but once the request is inside your private network, it’s safe as long as you trust the software running within that network.

That said, it is possible to proxy over HTTPS, but you need to configure Caddy to do so reverse_proxy (Caddyfile directive) — Caddy Documentation

2 Likes

That explains. Fixed. Thank you so much for the clear explanation and speedy response.

1 Like