Deleting local cert/Create React app https proxy

fgfmichael · May 17, 2021, 9:13am

1. Caddy version (`caddy version`):

v2.4.0 h1:yHnnbawH2G3ZBP2mAJF4XBLnJanqhULLP/wu01Qi9Io=

2. How I run Caddy:

caddy reverse-proxy --from :3000 --to 127.0.0.1:3017

a. System environment:

Windows 10

3. The problem I’m having:

I am trying to reverse proxy a create react app running on port 3017 into port 3000 on https, however when i visit https://localhost:3000 I get SSL_ERROR_RX_RECORD_TOO_LONG which makes no sense to me. So I thought perhaps I should delete the locally signed cert and try again? But I cannot find any info on how this is done? So perhaps somebody could explain how I’ve messed up my https proxy and also how to remove the cert?

4. Error messages and/or full log output:

2021/05/17 09:10:03.861 ?[33mWARN?[0m   admin   admin endpoint disabled
2021/05/17 09:10:03.862 ?[34mINFO?[0m   tls.cache.maintenance   started background certificate maintenance          {"cache": "0xc0003262a0"}
2021/05/17 09:10:03.862 ?[34mINFO?[0m   tls     cleaning storage unit   {"description":     "FileStorage:C:\\Users\\{username}\\AppData\\Roaming\\Caddy"}
2021/05/17 09:10:03.862 ?[34mINFO?[0m   tls     finished cleaning storage units
2021/05/17 09:10:03.862 ?[34mINFO?[0m   autosaved config (load with --resume flag)      {"file":     "C:\\Users\\{username}\\AppData\\Roaming\\Caddy\\autosave.json"}
Caddy proxying http://:2016 -> http://127.0.0.1:3000

francislavoie · May 17, 2021, 2:20pm

The command you said you ran and the log output don’t seem to agree with eachother. It looks like Caddy is listening on port 2016, not port 3000.

Also I think the problem is that you didn’t tell Caddy a domain name to use, so it doesn’t have a certificate to serve. Instead of :3000, try https://localhost:3000. This will also make Caddy try to install its root CA certificate to your systems trust store if it hasn’t already.

fgfmichael · May 18, 2021, 1:50am

When I swap the command to be that instead, I get the following:

caddy reverse-proxy --from https://localhost:3000 --to 127.0.0.1:3017         
2021/05/18 01:48:53.431 e[33mWARNe[0m   admin   admin endpoint disabled                           
2021/05/18 01:48:53.432 e[34mINFOe[0m   tls.cache.maintenance   started background certificate     maintenance      {"cache":     "0xc000324850"}                                                                              
2021/05/18 01:48:53.433 e[34mINFOe[0m   http    enabling automatic HTTP->HTTPS redirects            {"server_name":     "proxy"}                                                                                               
2021/05/18 01:48:53.446 e[34mINFOe[0m   tls.cache.maintenance   stopped background certificate maintenance          {"cache": "0xc000324850"}                                                                              
reverse-proxy: loading new config: http app module: start: tcp: listening on :80: listen tcp :80: bind: An attempt     was made to access a socket in a way forbidden by its access permissions.

I believe it doesn’t like the fully qualified domain for the --from

I have got this working in the past and how I did so is annoyingly escaping me. I do remember having to specify https though so maybe your onto somthing

francislavoie · May 18, 2021, 2:04am

That’s because Caddy attempts to bind to port 80 to enable HTTP->HTTPS redirects.

If you can’t bind to port 80 with your user due to permissions, then you’ll need to use a Caddyfile to disable the redirects feature.

{
	auto_https disable_redirects
}

https://localhost:3000 {
	reverse_proxy localhost:3017
}

fgfmichael · May 18, 2021, 2:25am

I’ll give this a whirl

fgfmichael · May 18, 2021, 6:29am

I was able to get it working with this caddyfile

system · June 16, 2021, 9:13am

This topic was automatically closed after 30 days. New replies are no longer allowed.