Domain with two level subdomain is not working for us


(Job Noam) #1

Hello,

This is our file:

:443 {
    tls {
        max_certs 500000
    }
    tls noam@example.com
    proxy / example-testing.us-east-1.example.com {
        transparent
        header_downstream server "Test-Server"
    }
}

And we’re trying to use a domain that looks like this: 54353.test.ourdomain.com
And a domain formatted like this is working great:
test.ourdomain.com

Doesn’t Caddy support two-level subdomains?


(Matthew Fay) #2

There’s no reason it shouldn’t, assuming you’re connecting to https://54353.test.ourdomain.com and the DNS for 54353.test.ourdomain.com resolves to your Caddy server correctly.

What error are you seeing instead of a working webpage?

P.S. that’s quite a large max_certs!


(Job Noam) #3

Hi,

This is the error I’m getting:

This site can’t provide a secure connection

54353.test.ourdomain.com sent an invalid response.
Try running Network Diagnostics.
ERR_SSL_PROTOCOL_ERROR


(Matthew Fay) #4

Can you configure:

Then try again and post the results?


(Job Noam) #5

OK I’m getting this error:
2017/09/12 16:09:37 [log] failed to get certificate: acme: Error 400 - urn:acme:error:malformed - Error creating new authz :: DNS name does not have enough labels


(Matt Holt) #6

That tells us that you haven’t posted your entire Caddyfile. What’s the whole thing (unedited)?
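Added example, not part of the thread or of Caddy's code: the ACME error quoted in post #5 is about the number of labels in the requested name. The sketch below assumes the CA requires at least two labels and that certificates should only be requested for names under one allowed domain; `classify_sni`, `allowed_suffix` and the sample hostnames are hypothetical.

```python
import ipaddress

# Assumption: the CA rejects names with fewer than two labels, which is what
# the "DNS name does not have enough labels" message reports.
MIN_LABELS = 2


def classify_sni(name, allowed_suffix):
    """Return a verdict for a hostname a client presented in TLS SNI."""
    host = name.strip().rstrip(".").lower()
    if not host:
        return "reject: empty name"
    try:
        # Clients that connect by IP address cannot be issued a DNS certificate.
        ipaddress.ip_address(host)
        return "reject: IP address, not a DNS name"
    except ValueError:
        pass
    labels = host.split(".")
    if len(labels) < MIN_LABELS:
        return "reject: not enough labels"
    for label in labels:
        if not 1 <= len(label) <= 63:
            return "reject: bad label length"
        if label.startswith("-") or label.endswith("-"):
            return "reject: label starts or ends with hyphen"
        if not all(c.isascii() and (c.isalnum() or c == "-") for c in label):
            return "reject: invalid character"
    # Only names at or below the allowed domain should reach the CA.
    suffix = allowed_suffix.lower().strip(".")
    if host != suffix and not host.endswith("." + suffix):
        return "reject: outside allowed domain"
    return "ok"


if __name__ == "__main__":
    # Constructed sample names; the first two are the shapes from post #1.
    for sample in ["54353.test.ourdomain.com", "test.ourdomain.com",
                   "localhost", "192.0.2.10", "notourdomain.com"]:
        print(sample, "->", classify_sni(sample, "ourdomain.com"))
```

A name with four labels passes this check, while a single-label name is the kind that fails the label count.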


(Job Noam) #7

OK I think I understand the problem. I didn’t get anything in the log, and it looks like something that I’m not sure is related to Caddy (but maybe it is).
I have my own SSL on this server but I didn’t set it up in the Caddyfile and I just use :433

When I try to visit any domain on the server it works great, but only when I try to visit this domain, for which I had a custom SSL in the past, I get the first error I sent (from Chrome):

This site can’t provide a secure connection

54353.test.ourdomain.com sent an invalid response.
Try running Network Diagnostics.
ERR_SSL_PROTOCOL_ERROR

Does that sound like something you know?

And thanks again for all the help you give here! The product is amazing!


(Matthew Fay) #8

Maybe try curling the site to avoid any kind of browser-related history/cache issues? If your previous SSL setup is truly out of the way now, curl will give you an accurate response.


(Job Noam) #9

No, it’s still not working.
This is the error:

curl: (35) Unknown SSL protocol error in connection to 1.test55.example.me:-9838
It just can’t confirm the SSL.

And this is, for example, the Firefox error:

An error occurred during a connection to 1.test55.example.me. Peer reports it experienced an internal error. Error code: SSL_ERROR_INTERNAL_ERROR_ALERT

The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem.

Thanks


(Matthew Fay) #10

Do you have anything between you and your Caddy server? A CloudFlare proxy or similar?


(Job Noam) #11

No no, right to the server. If you like I can send you the SSH connection and the domain (in private).
It’s just for testing.


(Matthew Fay) #12

I’m happy to volunteer a bit of time to have a peek. I probably won’t need SSH, but if you want to send me some more details - the IPv4 address, and the publicly addressable domain you’re using - I might be able to give some advice as a fellow Caddy user.

Just keep in mind I’m not affiliated with Caddy or Light Code Labs, I’m just a friendly face on the forums here.


(Job Noam) #13

Where can I send you a private message?

