General questions about subdomains setup with Caddy


I have already a working wordpress site on my VPS, with quite basic setup by Caddy (thanks to the help from this forum). The caddyfile just looks like:

An A record is pointing to the VPS ip using Cloudflare.

I am thinking to instead of using to visit my wordpress site, use sth like Because I’m thinking in the future I may add more applications on the VPS such as owncloud and what not, I can then have too.

Therefore I’m testing with the wordpress subdomain first. All I changed in Caddyfile was the site name, so after the change it is:
...*no change here*

The other change I did was adding a cname “wordpress” to the domain I set up on Cloudflare.

However, when I visit in the browser, I get the
Error 525: SSL handshake failed displayed by the cloudflare page. According to the Cloudflare documentation, it is basically…the faulty SSL certificate configuration.

I did a little research about the topic and my conclusion was that LetsEncrypt doesn’t issue subdomain certificate, or it is using the same certificate for which causes discrepancy issues?


  1. Can you help to explain the error I’m encountering?
  2. What are the requirement/steps for setting up multiple subdomains?
    Should the caddyfile look like this:

Please fill out the help thread template, and at least include your Caddy version, logs, full Caddyfile, and installation method.

Caddy version: v2.1.1 h1:X9k1+ehZPYYrSqBvf/ocUgdLSRIuiNiMo7CvyGUQKeA=
Installation method: Downloaded the latest zip and created a systemd service, which has run fine without issue.
caddyfile: {
        root * /srv/www/wordpress
        encode gzip
        php_fastcgi unix//var/run/php-fpm.sock
        log {
                output file /var/log/caddy/caddy.log

logs: There is no logging occurred when subdomain is used in caddyfile. I guess it’s because of the SSL handshake error 525?

From cloudflare:
Error 525 indicates that the SSL handshake between Cloudflare and the origin web server failed. This only occurs when the domain is using Cloudflare Full or Full (Strict) SSL mode. This is typically caused by a configuration issue in the origin web server, when this happens, you’ll see “Error 525: SSL handshake failed”.

I think this article should cover the questions about using Caddy with Cloudflare:

1 Like

Thank you very much for the link. Much study to do.
I guess the error I encountered should be caused by the fact that let’s encrypt doesn’t provide certificates to subdomains automatically.

Caddy can only get certificates issued from Let’s Encrypt if your site is publicly reachable. When behind Cloudflare, this poses issues.

You can see your Caddy logs by running journalctl --no-pager -u caddy | less, you’ll likely notice errors in certificate issuance.

This topic was automatically closed after 30 days. New replies are no longer allowed.