I already have a working WordPress site on my VPS, with a quite basic setup by Caddy (thanks to the help from this forum). The Caddyfile just looks like:
mydomain.com {
    ...
}
An A record for mydomain.com points to the VPS IP via Cloudflare.
I am thinking of using something like wordpress.mydomain.com to visit my WordPress site instead of mydomain.com, because in the future I may add more applications on the VPS, such as ownCloud and whatnot, and I could then have owncloud.mydomain.com too.
Therefore I’m testing with the wordpress subdomain first. All I changed in the Caddyfile was the site name, so after the change it is:
wordpress.mydomain.com {
    ... # no change here
}
The other change I made was adding a CNAME “wordpress” to the domain I set up on Cloudflare.
However, when I visit wordpress.mydomain.com in the browser, I get “Error 525: SSL handshake failed” displayed by the Cloudflare page. According to the Cloudflare documentation, it is basically… the faulty SSL certificate configuration.
I did a little research about the topic and my conclusion was that Let’s Encrypt doesn’t issue subdomain certificates, or it is using the same certificate for mydomain.com, which causes discrepancy issues?
So,
Can you help to explain the error I’m encountering?
What are the requirements/steps for setting up multiple subdomains?
Should the Caddyfile look like this:
Caddy version: v2.1.1 h1:X9k1+ehZPYYrSqBvf/ocUgdLSRIuiNiMo7CvyGUQKeA=
Installation method: Downloaded the latest zip and created a systemd service, which has run fine without issue.
Caddyfile:
logs: No logging occurred when the subdomain was used in the Caddyfile. I guess it’s because of the SSL handshake error 525?
From Cloudflare:
Error 525 indicates that the SSL handshake between Cloudflare and the origin web server failed. This only occurs when the domain is using Cloudflare Full or Full (Strict) SSL mode. This is typically caused by a configuration issue in the origin web server, when this happens, you’ll see “Error 525: SSL handshake failed”.
Thank you very much for the link. Much study to do.
I guess the error I encountered should be caused by the fact that Let’s Encrypt doesn’t provide certificates to subdomains automatically.
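
A way to check the origin side of the Error 525 described in the thread, added here as an example and not part of the original posts: it connects straight to the VPS (bypassing Cloudflare), sends the subdomain as SNI, and reports whether the handshake completes and which DNS names the served certificate covers. The function name `probe_origin`, the status labels and the address 203.0.113.10 are assumptions made for the example.

```python
import socket
import ssl
import sys


def probe_origin(ip, server_name, port=443, timeout=5.0):
    """Handshake with the origin directly, sending server_name as SNI."""
    result = {"status": None, "detail": "", "sans": []}
    try:
        raw = socket.create_connection((ip, port), timeout=timeout)
    except OSError as exc:
        result.update(status="tcp_failed", detail=str(exc))
        return result
    # Step 1: handshake without certificate validation. If this fails,
    # the origin cannot complete TLS for this name at all.
    loose = ssl.create_default_context()
    loose.check_hostname = False
    loose.verify_mode = ssl.CERT_NONE
    try:
        with loose.wrap_socket(raw, server_hostname=server_name) as tls:
            result["detail"] = tls.version() or ""
    except OSError as exc:  # ssl.SSLError is a subclass of OSError
        raw.close()
        result.update(status="handshake_failed", detail=str(exc))
        return result
    # Step 2: repeat with validation against the system trust store to see
    # whether the certificate served for this name is valid for it.
    strict = ssl.create_default_context()
    try:
        with socket.create_connection((ip, port), timeout=timeout) as raw2:
            with strict.wrap_socket(raw2, server_hostname=server_name) as tls:
                names = tls.getpeercert().get("subjectAltName", ())
                result["sans"] = [v for k, v in names if k == "DNS"]
                result["status"] = "ok"
    except ssl.SSLCertVerificationError as exc:
        result.update(status="cert_invalid", detail=exc.verify_message)
    except OSError as exc:
        result.update(status="handshake_failed", detail=str(exc))
    return result


if __name__ == "__main__":
    # Placeholders (assumptions): 203.0.113.10 is a documentation address;
    # pass the real VPS IP and the hostname configured in the Caddyfile.
    ip = sys.argv[1] if len(sys.argv) > 1 else "203.0.113.10"
    name = sys.argv[2] if len(sys.argv) > 2 else "wordpress.mydomain.com"
    print(probe_origin(ip, name))
```

A `handshake_failed` result for the subdomain while the bare domain returns `ok` points at the origin having no certificate for that name yet; the Caddy service log is the next place to look.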