Having troubles with enabling Comodo ECC SSL cert

I am trying to install a Comodo SSL certificate based on an ECDSA key. I have added the following code to my Caddyfile:

fokin.ca {
    root /var/www
    tls /etc/ssl/caddy/fokin-ec-bundle.pem /etc/ssl/caddy/fokin-ec-key.pem

In /etc/ssl/caddy/fokin-ec-bundle.pem I have my domain cert + intermediate + root from top to bottom,
In /etc/ssl/caddy/fokin-ec-key.pem I have the private key.

Server OS - Ubuntu 16.04 LTS

Caddy restarts after adding the code above, but neither port 80 nor 443 is working. Netstat shows that port 2015 is bound to Caddy.

When I specify tls my@email.address (to get a Lets Encrypt certificate), everything is fine.

So I am wondering maybe I am missing something in my Caddyfile config.


Yeah, I have encountered the same issue with my own SSL certificate. As workaround, you can forcing the real HTTPS port by adding :443 on your conf block.

fokin.ca:443 {
    root /var/www
    tls /etc/ssl/caddy/fokin-ec-bundle.pem /etc/ssl/caddy/fokin-ec-key.pem

Thank you! Yeah, it worked. Wondering if this is really a workaround or a “correct” configuration as per design. If it is the latter one, then it should be documented.

It is the intended behaviour. The documentation clearly states that default port is 2015 & default scheme is http.

The default port is 2015 (unless the site qualifies for automatic HTTPS, in which case it’s changed to 443)

port 80 is automatically enabled as well when the site qualifies for automatic HTTPS because its a requirement for Lets Encrypt ACME challenge.

See: https://caddyserver.com/docs/http-caddyfile#addresses


Got it, thank you!

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.