Electrs JSON RPC is not reachable behind a Caddy reverse proxy

1. Output of caddy version:

v2.6.2 h1:wKoFIxpmOJLGl3QXoo6PNbYvGW4xLEgo32GPBEjWL8o=

2. How I run Caddy:

I’ve installed Caddy through APT, so I run it exploiting Systemd.

a. System environment:

Raspberry Pi OS on Raspberry Pi 4B
Linux raspberrypi 5.15.76-v8+

b. Command:

Systemd does that for me.

d. My complete Caddy config:

{
        debug
}

electrs.nicheosala.xyz {
        reverse_proxy 127.0.0.1:50001
}

3. The problem I’m having:

I cannot connect to Electrs JSON RPC using Caddy as a reverse proxy from port 443 to port 50001.

Instead, using Nginx for the very same task works.
This is the working Nginx configuration:

upstream electrs {
  server 127.0.0.1:50001;
}

server {
  listen 443 ssl;
  proxy_pass electrs;
}

4. Error messages and/or full log output:

Caddy log when trying to connect to Electrs JSON RPC using BitBox App client:

Dec 08 18:28:39 raspberrypi caddy[105341]: {"level":"debug","ts":1670520519.221774,"logger":"events","msg":"event","name":"tls_get_certificate","id":"29601837-8caf-4148-b882-8b25ec1b6775","origin":"tls","data":{"client_hello":{"CipherSuites":[49195,49199,49196,49200,52393,52392,49161,49171,49162,49172,156,157,47,53,49170,10,4865,4866,4867],"ServerName":"electrs.nicheosala.xyz","SupportedCurves":[29,23,24,25],"SupportedPoints":"AA==","SignatureSchemes":[2052,1027,2055,2053,2054,1025,1281,1537,1283,1539,513,515],"SupportedProtos":null,"SupportedVersions":[772,771],"Conn":{}}}}
Dec 08 18:28:39 raspberrypi caddy[105341]: {"level":"debug","ts":1670520519.2219875,"logger":"tls.handshake","msg":"choosing certificate","identifier":"electrs.nicheosala.xyz","num_choices":1}
Dec 08 18:28:39 raspberrypi caddy[105341]: {"level":"debug","ts":1670520519.222064,"logger":"tls.handshake","msg":"default certificate selection results","identifier":"electrs.nicheosala.xyz","subjects":["electrs.nicheosala.xyz"],"managed":true,"issuer_key":"acme-v02.api.letsencrypt.org-directory","hash":"8d3f6a4f0618c8a2112cba70083c28dc2570e8ec78bfdcf25ac6ed7f898cc302"}
Dec 08 18:28:39 raspberrypi caddy[105341]: {"level":"debug","ts":1670520519.222117,"logger":"tls.handshake","msg":"matched certificate in cache","remote_ip":"93.38.127.179","remote_port":"60349","subjects":["electrs.nicheosala.xyz"],"managed":true,"expiration":1677921206,"hash":"8d3f6a4f0618c8a2112cba70083c28dc2570e8ec78bfdcf25ac6ed7f898cc302"}

Caddy log when trying to connect to Electrs JSON RPC using Bitkipi client:

Dec 08 18:40:57 raspberrypi caddy[105341]: {"level":"debug","ts":1670521257.4199898,"logger":"events","msg":"event","name":"tls_get_certificate","id":"fb5f0dbc-391a-43bf-93d1-ead3f9216a77","origin":"tls","data":{"client_hello":{"CipherSuites":[4865,4866,4867,49195,49196,52393,49199,49200,52392,49161,49162,49171,49172,156,157,47,53],"ServerName":"electrs.nicheosala.xyz","SupportedCurves":[29,23,24],"SupportedPoints":"AA==","SignatureSchemes":[1027,2052,1025,1283,2053,1281,2054,1537,513],"SupportedProtos":null,"SupportedVersions":[772,771,770,769],"Conn":{}}}}
Dec 08 18:40:57 raspberrypi caddy[105341]: {"level":"debug","ts":1670521257.420111,"logger":"tls.handshake","msg":"choosing certificate","identifier":"electrs.nicheosala.xyz","num_choices":1}
Dec 08 18:40:57 raspberrypi caddy[105341]: {"level":"debug","ts":1670521257.4201481,"logger":"tls.handshake","msg":"default certificate selection results","identifier":"electrs.nicheosala.xyz","subjects":["electrs.nicheosala.xyz"],"managed":true,"issuer_key":"acme-v02.api.letsencrypt.org-directory","hash":"8d3f6a4f0618c8a2112cba70083c28dc2570e8ec78bfdcf25ac6ed7f898cc302"}
Dec 08 18:40:57 raspberrypi caddy[105341]: {"level":"debug","ts":1670521257.4201717,"logger":"tls.handshake","msg":"matched certificate in cache","remote_ip":"5.90.77.28","remote_port":"46724","subjects":["electrs.nicheosala.xyz"],"managed":true,"expiration":1677921206,"hash":"8d3f6a4f0618c8a2112cba70083c28dc2570e8ec78bfdcf25ac6ed7f898cc302"}

5. What I already tried:

Working setups:

  • Nginx <–> Electrs

NOT working setups:

  • Caddy <–> Electrs
  • Caddy <–> Nginx <–> Electrs

6. Links to relevant resources:

Is that really all you have in your logs? That’s just the initial TLS handshake, there’s no logs about reverse_proxy, as I’d expect to see.

No more logs.

Anyway, I think I’ve identified the issue: the Electrum JSONRPC does not use HTTP.

Caddy does not seem to support TCP reverse proxy (for now), at least not with a Caddyfile, while Nginx does.

That makes sense. Yes, vanilla Caddy is HTTP only.

But you could use mholt/caddy-l4 (Layer 4 (TCP/UDP) app for Caddy), which is a plugin for Caddy that can terminate TLS and proxy TCP. You can give that a shot.

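A layer 4 equivalent of the Caddyfile above, as an added example that is not part of the original thread: a Caddy JSON config for the caddy-l4 plugin that terminates TLS on port 443 and forwards the decrypted TCP stream to Electrs. It assumes a Caddy binary built with mholt/caddy-l4 and no other app listening on :443; the server name "electrs" is an arbitrary label.

```json
{
  "apps": {
    "tls": {
      "certificates": {
        "automate": ["electrs.nicheosala.xyz"]
      }
    },
    "layer4": {
      "servers": {
        "electrs": {
          "listen": [":443"],
          "routes": [
            {
              "match": [
                { "tls": { "sni": ["electrs.nicheosala.xyz"] } }
              ],
              "handle": [
                { "handler": "tls" },
                {
                  "handler": "proxy",
                  "upstreams": [
                    { "dial": ["127.0.0.1:50001"] }
                  ]
                }
              ]
            }
          ]
        }
      }
    }
  }
}
```

TLS ends at Caddy here, so the hop to 127.0.0.1:50001 carries the Electrum JSON-RPC in plaintext; keep Electrs bound to loopback so that port is not reachable from other hosts.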