Forwarding to another reverse proxy

1. Output of caddy version:

v2.6.2 h1:wKoFIxpmOJLGl3QXoo6PNbYvGW4xLEgo32GPBEjWL8o=

2. How I run Caddy:

As a systemd service (systemctl)

a. System environment:

Stock debian 11, with caddy as a debian package

b. Command:

caddy reload
2022/10/28 18:50:11.337 INFO    using adjacent Caddyfile

c. Service/unit/compose file:

$ cat /lib/systemd/system/caddy.service
# caddy.service
# For using Caddy with a config file.
# Make sure the ExecStart and ExecReload commands are correct
# for your installation.
# See for instructions.
# WARNING: This service does not use the --resume flag, so if you
# use the API to make changes, they will be overwritten by the
# Caddyfile next time the service is restarted. If you intend to
# use Caddy's API to configure it, add the --resume flag to the
# `caddy run` command or use the caddy-api.service file instead.


ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile --force


d. My complete Caddy config:

$ cat /etc/caddy/Caddyfile 
# Caddyconfig {
        # RP to lsio

3. The problem I’m having:

Hello all and thanks for taking a look at this with me! Im trying to migrate myself to caddy from a nginx/linuxserverio approach, but I have so many configs and subdomains, i’d like to take things one step at a time.

I want to point caddy to the old reverse proxy first, and slowly move everything over to just native caddy, I’m not exactly sure how to do this, I really want to forward just… everything over? Ultimately I’m trying to host two domains at once and I think I can do that with caddy and i’d also just like to simplify my setup, the docker+nginx setup was getting super bloated…

I explained this a little long winded, what Im asking rn is: how do i reverse proxy just one domain (or subdomain) to an existing reverse proxy?

5. What I already tried:

I did try a bunch! i looked at the docs and played around with getting the reverse proxy keywords to just point to my old rp or even a simple webserver, but, so far no luck, and by no luck I mean I either get a “cant be reached” or “SSL error” The way I’ve set my network up I have the old, and the new caddy RP right next to each other, so for testing I’ve just been sliding the port forwarding over to point at caddy

I was able to get this to work:

$ cat Caddyfile 
# Caddyconfig {
        # RP to lsio
        respond "Hello, world!"



So I can at least be sure that caddy is visible from the outside!

6. Links to relevant resources:

I think it’s better to use an URL that explicitly contains the protocol (https): {
   # RP to lsio

If it still does not work due to a SSL error then you can try to lax SSL validations for a reverese proxy: {
   # RP to lsio
   reverse_proxy {
        transport http {

Add the debug global option at the top of your Caddyfile, and show us what your logs are saying.


It’s hard to know what to suggest without seeing the logs.

As @hypermind suggested, if your upstream is HTTPS, then you need to tell Caddy to connect with HTTPS. See the docs which mentions how to do this:

But if possible, it’s easier and more performant to proxy over HTTP, if the upstream is in the same private network (and you trust devices on your network to not be able to intercept and tamper with the traffic). Using tls_insecure_skip_verify turns off all security provided by HTTPS, so there’s no point to using HTTPS at that point.

This topic was automatically closed after 30 days. New replies are no longer allowed.