Chrome invalid certificat key

1. Caddy version:

Caddy v2.6.2 h1:wKoFIxpmOJLGl3QXoo6PNbYvGW4xLEgo32GPBEjWL8o=

2. How I installed, and run Caddy:

a. System environment:


b. Command:

docker compose up -d

c. Service/unit/compose file:

version: "3.4"

      context: api/
      target: api_platform_caddy
      - php
      - pwa
      PWA_UPSTREAM: pwa:3000
      SERVER_NAME: ${SERVER_NAME:-localhost}
      SERVER_API_NAME: ${SERVER_API_NAME:-api.localhost}
    restart: unless-stopped
      - php_socket:/var/run/php
      - caddy_data:/data
      - caddy_config:/config

d. My complete Caddy config:

    servers {
        timeouts {
            read_body 60s
            read_header 60s
            write 60s
            idle 60s
        max_header_size 100MB



    route {
        root * /usr/src/pwa

        # Add links to the API docs and to the Mercure Hub if not set explicitly (e.g. the PWA)
        header ?Link `</docs.jsonld>; rel="", </.well-known/mercure>; rel="mercure"`
        # Disable Google FLOC tracking if not enabled explicitly:
        header ?Permissions-Policy "interest-cohort=()"

        # Comment the following line if you don't want Next.js to catch requests for HTML documents.
        # In this case, they will be handled by the PHP app.
        reverse_proxy http://{$PWA_UPSTREAM}

        encode zstd gzip



    route {
        root * /srv/api/public

        header ?Access-Control-Allow-Origin "{args.0}"
        header ?Access-Control-Allow-Methods "GET, OPTIONS, POST, PUT, PATCH, DELETE"

        php_fastcgi unix//var/run/php/php-fpm.sock
        encode zstd gzip

3. The problem I’m having:

When front NextJS application run a fetch to api Api-platform apllication, there is an error with invalid certificates Error when getting the resource: TypeError: Failed to fetch

GET https://api.localhost/posts/homepage net::ERR_CERT_AUTHORITY_INVALID

4. Error messages and/or full log output:

5. What I already tried:

As it is purpose in this answer post, I copy the root.crt from docker Caddy infrastructure and try to import it into Chrome. My browser said me that The private key of this client certificate is missing or incorrect.

How can I make this certificate correct and continue to develop my application on local host ?

6. Links to relevant resources:

You probably tried to add it as a client certificate. That’s not correct.

You need to add it to your system’s and browser’s trust store.

1 Like

Yes, in the French version of Chrome, it’s “Autorités”. I put my caddy certificate in “Vos certificats”. The naming is ambiguous :upside_down_face:

Yeah, “vos” implies “client”… “certificats client” might be an easier to understand translation. :man_shrugging:

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.