Certificate maitainance

When attempting to start caddy from the command line, it seems to get stuck after setting privacy features.

Using the log stdout command I can see that it is doing some kind of certificate maintenance.

It shows [warning] TLS disabled for my domain and sub domains

Is this normal behavior? How long should I wait for this maintenance before possibly looking for other issues while caddy is loading


Was Caddy (any instance using that $CADDYPATH) recently force-stopped? Like within the last 2 hours?

I am unsure. It is possible that Windows did an update last night which restarted the machine, and in turn force stopped the CMD window hosting caddy.

I notice now that some of my domains are directing properly, however a very very long load time.

And still some web apps behind a proxy are not loading at all.

I have since removed the original certificates and re ran caddy, authenticated new certs for the domain, but still long processing and caddy seems to have gotten caught up somewhere in the loading process.

I hope I have explained it properly.

All you should need to remove is $CADDYPATH/acme/locks. Next time it happens, can you try that and tell me if it resolves the blocking issue?

Thank you matt,

After removing the “locks” folder, the maintenance routine has now finshed and reports done.

However all my sub domains report with [warning] TLS disabled.

Caddy has completed the privacy settings, but doesn’t list the domains and sub domains all with their proxy address.

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\Windows\system32>cd c:\caddy

c:\Caddy>caddy -log stdout -agree=true
Activating privacy features... 2019/04/12 17:07:29 [INFO][FileStorage:C:\Users\M
ediaServer\.caddy] Started certificate maintenance routine
2019/04/12 17:07:29 [WARNING] TLS disabled for
2019/04/12 17:07:29 [WARNING] TLS disabled for
2019/04/12 17:07:29 [WARNING] TLS disabled for
2019/04/12 17:07:29 [WARNING] TLS disabled for
2019/04/12 17:07:29 [WARNING] TLS disabled for


It looks like sophos antivirus updated their application and enabled a “block-all” on internet traffic.

Sophos will pipe all traffic that cines through the firewall, through their anti virus. It caused major issues. However, once I was able to pinpoint the issue, I was able to fix it and all is well in the world.

Thank you again.

That, and IP addresses are not eligible for automated certificates: Automatic HTTPS — Caddy Documentation

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.