"Fake LE Intermediate X1" Certificate

Help
1

I have Caddy set as a proxy server with plex, radarr, sonarr and qbit all configured (apart from qbit, separate issue there). However each time i connect to the sites, i am only getting a Fake LE intermediate certificate and therefore the site is not secure.

My Caddyfile:

mydomain {

ext .html .htm .php
root C:/caddy

gzip

tls email {
ca https://acme-staging-v02.api.letsencrypt.org/directory
}

tls mydomain {
max_certs 1000
}

log request.log {
rotate_size 5
rotate_age 7
rotate_keep 4
}
{

errors /caddy/error.log {
rotate_size 5
rotate_age 7
rotate_keep 4

	}

}

header / { 
    X-Content-Type-Options nosniff
    X-XSS-Protection "1; mode=block"
    Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
}

proxy /radarr 127.0.0.1:7878 {
transparent
}

proxy /sonarr localhost:8989 {
websocket
transparent
}

proxy /web 127.0.0.1:32400 {
transparent
}

proxy /torrent 10.1.1.90:1996 {
transparent
}

proxy /login localhost:5000 {
transparent
}

fastcgi / 127.0.0.1:9000 php

}

http://localhost {

ext .html .htm .php
root /caddy

gzip

proxy /radarr 127.0.0.1:7878 {
transparent
}

proxy /sonarr localhost:8989 {
websocket
transparent
}

proxy /web 127.0.0.1:32400 {
transparent
}

proxy /torrent 10.1.1.90:1996 {
transparent
}

proxy /login localhost:5000 {
transparent
}

tls {
max_certs 100
}

}

Not sure if this is a Caddy or letsencrypt issue?

2

Hi @falco-caper, welcome to the Caddy community.

How do you run Caddy?

3

Windows 10 as a service. Proxy server

4

What command does the service manager use to execute Caddy?

Actually, that isn’t necessary. I’d assumed it’d be a flag, but it’s in your Caddyfile:

You’re using the LetsEncrypt staging environment, which gives out fake certificates and has relaxed rate limits.

5

Ahhhh so stupid aha thanks. Works perfect now.

6

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.