Getting "Your connection is not private error". How to fix?

Help
1

1. Caddy version (caddy version):

v2.1.1 h1:X9k1+ehZPYYrSqBvf/ocUgdLSRIuiNiMo7CvyGUQKeA=

2. How I run Caddy:

By creating a caddy.service file and then using systemd. This is the configuration.

[Unit]
Description=Caddy
Documentation=https://caddyserver.com/docs/
After=network.target

[Service]
User=curiouslearn
Group=curiouslearn
ExecStart=/usr/bin/caddy run --environ --config /home/curiouslearn/Caddyfile
ExecReload=/usr/bin/caddy reload --config /home/curiouslearn/Caddyfile
TimeoutStopSec=5s
LimitNOFILE=1048576
LimitNPROC=512
PrivateTmp=true
ProtectSystem=full
AmbientCapabilities=CAP_NET_BIND_SERVICE

[Install]
WantedBy=multi-user.target

a. System environment:

ubuntu 18.04

b. Command:

sudo systemctl start caddy.service

c. Service/unit/compose file:

[Unit]
Description=Caddy
Documentation=https://caddyserver.com/docs/
After=network.target

[Service]
User=curiouslearn
Group=curiouslearn
ExecStart=/usr/bin/caddy run --environ --config /home/curiouslearn/Caddyfile
ExecReload=/usr/bin/caddy reload --config /home/curiouslearn/Caddyfile
TimeoutStopSec=5s
LimitNOFILE=1048576
LimitNPROC=512
PrivateTmp=true
ProtectSystem=full
AmbientCapabilities=CAP_NET_BIND_SERVICE

[Install]
WantedBy=multi-user.target

d. My complete Caddyfile or JSON config:

##------------------------------------------------------------------
## New version of mystudybook

mystudybook.app {
	reverse_proxy localhost:19000
}

www.mystudybook.app {
	reverse_proxy localhost:19000
}

##------------------------------------------------------------------
test.mystudybook.app {
	reverse_proxy localhost:5000
}

multiply.mystudybook.app {
	reverse_proxy localhost:13000
}

3. The problem I’m having:

I know this says that “Do not use Web Browsers”. But that is the problem I am having.
I am unable to connect to my website using my Brave webbrowser as well as my Firefox browser.
I am getting the error:

Your connection is not private
Attackers might be trying to steal your information from mystudybook.app (for example, passwords, messages, or credit cards). Learn more
NET::ERR_CERT_REVOKED

Can someone please help with how to fix this?

Thank you.

4. Error messages and/or full log output:

5. What I already tried:

I tried stopping and starting the Caddy server and reloading my config. But none of that is helping. Is this a problem with my browsers? They are both up to date.

6. Links to relevant resources:

Can someone please help with how to fix this? I would really appreciate it.

Thank you.

2

Your certificate was revoked. Rename the certificate folder in Caddy’s storage and then restart Caddy. But then upgrade Caddy to the latest version which would have handled this automatically.

3

Thank you very much for responding. I will upgrade Caddy and see if it fixes this. On another note, I just checked the log files and I see many entries of the form:

Nov 27 17:46:56 ubuntu-18 caddy[20108]: 2021/11/27 17:46:56 http: TLS handshake error from 40.77.167.101:62212: no certificate available for '904lock.com'

I have nothing to do with this website 904lock.com. Any ideas why I am seeing this in my log? Thank you very much.

4

Just spammy connections from misguided clients, nothing related to Caddy nor anything you can control.

5

Thank you so much. I upgraded Caddy and restarted it. Unfortunately, I am still getting the same error.
Here is the new info.

Few lines from the log file

Jan 31 13:15:48 ubuntu-18 caddy[2789]: INVOCATION_ID=0d2cd67966dd46749643d869974d337d
Jan 31 13:15:48 ubuntu-18 caddy[2789]: JOURNAL_STREAM=9:807016114
Jan 31 13:15:48 ubuntu-18 caddy[2789]: {"level":"info","ts":1643652948.0941186,"msg":"using provided configuration","config_file":"/home/curiouslearn/Caddyfile","config_adapter":""}
Jan 31 13:15:48 ubuntu-18 caddy[2789]: {"level":"info","ts":1643652948.095946,"logger":"admin","msg":"admin endpoint started","address":"tcp/localhost:2019","enforce_origin":false,"origins":["localhost:2019","[::1]:2019","127.0.0.1:2019"]}
Jan 31 13:15:48 ubuntu-18 caddy[2789]: {"level":"info","ts":1643652948.096941,"logger":"http","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv0","https_port":443}
Jan 31 13:15:48 ubuntu-18 caddy[2789]: {"level":"info","ts":1643652948.096966,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
Jan 31 13:15:48 ubuntu-18 caddy[2789]: {"level":"info","ts":1643652948.0978255,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["mystudybook.app","staticserver.curiouslearn.com","multiply.mystudybook.app","test.mystudybook.app","www.mystudybook.app"]}
Jan 31 13:15:48 ubuntu-18 caddy[2789]: {"level":"info","ts":1643652948.0985165,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0xc0001d9340"}
Jan 31 13:15:48 ubuntu-18 caddy[2789]: {"level":"info","ts":1643652948.098611,"logger":"tls","msg":"cleaning storage unit","description":"FileStorage:/home/curiouslearn/.local/share/caddy"}
Jan 31 13:15:48 ubuntu-18 caddy[2789]: {"level":"info","ts":1643652948.1000655,"logger":"tls","msg":"finished cleaning storage units"}
Jan 31 13:15:48 ubuntu-18 caddy[2789]: {"level":"info","ts":1643652948.1240003,"msg":"autosaved config (load with --resume flag)","file":"/home/curiouslearn/.config/caddy/autosave.json"}
Jan 31 13:15:48 ubuntu-18 caddy[2789]: {"level":"info","ts":1643652948.1240392,"msg":"serving initial configuration"}

Caddy version

❯ /usr/bin/caddy version                                                                                                                                            13:13:16
v2.4.6 h1:HGkGICFGvyrodcqOOclHKfvJC0qTU7vny/7FhYp9hNw=

My Caddyfile

##------------------------------------------------------------------
## New version of mystudybook

mystudybook.app {
        reverse_proxy localhost:19000
}

www.mystudybook.app {
        reverse_proxy localhost:19000
}

##------------------------------------------------------------------
test.mystudybook.app {
        reverse_proxy localhost:5000
}

multiply.mystudybook.app {
        reverse_proxy localhost:13000
}
6

Your certificate was revoked. Rename the certificate folder in Caddy’s storage and then restart Caddy. But then upgrade Caddy to the latest version which would have handled this automatically.

I checked the certificates folder and I realized the upgrading Caddy and restarting did not fix the certificates problem. As you said above, I renamed the Certificates folder and then restarted Caddy, and it worked.

Thank you so much for your help.

Any idea why upgrading the Caddy version and restarting did not fix the problem.

Thank you very much.

7

It can take an hour for the certificate staple to be scanned to see that it needs to be refreshed.

Glad you got it working

8

Thank you for explaining. Could you or someone else, please provide a link to an article, blog post etc that explains why the certificate may have been revoked? That would be helpful to know if there is a way I could prevent this from happening in the future.

Thank you.

9
10

Thank you very much.

11

This topic was automatically closed after 30 days. New replies are no longer allowed.