Could you please help me? I am not able to get a Let’s Encrypt certificate for my instance of Vaultwarden. But let’s start at the beginning.
I am running Ubuntu 24.04.1 LTS for Vaultwarden with docker, compose & caddy.
I want to access Vaultwarden only internally in my network. I am the owner of a domain like contoso.de. Vaultwarden would be accessible at vw.contoso.de.
In the past I had used a self-signed certificate, but I learned that using it is problematic. So when connecting to vw.contoso.de, the website is insecure and there is no access for the iPhone app or the Bitwarden PC software. So I want to integrate an auto-renewing Let’s Encrypt certificate for the subdomain.
It looks like you have Apache sitting in front of your Caddy server. In other words, Caddy needs to be directly reachable to complete the challenge. Otherwise, you’ll need to use a DNS challenge.
Thank you @timelordx. Apache or Nginx shouldn’t be installed and can’t be found by “apt list --installed”. Is there any other process to check this? Or does the Caddyfile need to be changed?
However, I missed this earlier (I was initially reading your post on my phone, sorry) - you’re actually assigning the certificate and key to your virtual server, so you’re not doing Let’s Encrypt at all:
Can you please clarify what command you ran to get such output? Four server headers, even with three valid ones, is not a usual response from a web server.
Remove the static tls directive from your Caddy virtual server, which will make Caddy use the TLS-ALPN challenge. However, TLS-ALPN requires Caddy to be reachable from the Internet.
Otherwise, you can use the DNS challenge, which does not require Caddy to be exposed to the Internet.
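The change described in the reply above, as an added Caddyfile example that is not from the original thread. The certificate paths, the upstream `vaultwarden:80`, Cloudflare as the DNS provider and the environment variable name are assumptions; the `dns` option only works when Caddy is built with the module for the DNS provider that hosts the zone.

```caddyfile
# Constructed example. Paths, upstream name, DNS provider and the
# variable name are assumptions, not values from the thread.

# Before: a static certificate and key are assigned to the site, so Caddy
# serves exactly that pair and never requests one from Let's Encrypt.
#
# vw.contoso.de {
#     tls /etc/caddy/certs/vw.crt /etc/caddy/certs/vw.key
#     reverse_proxy vaultwarden:80
# }

# After: the static pair is removed and the ACME DNS challenge is used.
# Caddy proves control of the name by creating a TXT record through the
# provider's API, so the host can stay reachable only from the internal
# network and ports 80/443 need not be exposed to the Internet.
vw.contoso.de {
    tls {
        # Token is read from the environment at startup, not stored in the file.
        dns cloudflare {env.CLOUDFLARE_API_TOKEN}
    }
    reverse_proxy vaultwarden:80
}
```

Scope the API token to DNS record edits on the one zone and pass it through the container environment, since anyone holding it can obtain certificates for names in that zone.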
I started to implement Rocket a long time ago. After running “apt install Rocket” I discovered this doesn’t make sense while using Caddy. This is probably what left it behind.
How am I able to clean up this Rocket stuff? I can’t find anything installed by apt for rocket.
The problem may be due to a defective caddy service. So far I have always started the containers with docker compose down or up -d. The feedback was always good. Now I have noticed that the caddy service cannot be started at all (sudo systemctl status caddy). I don’t know when this problem first occurred. How do I deal with this? Should I uninstall Caddy and then reinstall it (sudo apt remove caddy > sudo apt install caddy)? Would this delete configuration files?