The syntax isn’t right here. transport is a subdirective of reverse_proxy, so you would need to use braces around it.
Also, tls is not a subdirective of transport, it’s a regular directive, and should not be inside the braces of another directive.
Your second site is more correct.
Yeah, Caddy v1 had proxy, v2 has reverse_proxy – that’s one telling difference usually.
Are you sure your files are actually mounted in your container? You didn’t share your docker-compose file or docker commands. Please fill out the template completely!
You should be using caddy, not caddy/caddy. And you should be specifying a label, not using latest. See Docker
Since root is the home directory in the container, I would recommend using a different directory for this mount. Maybe /certs.
Also, please remember to persist /data, even if you’re providing your own certs, because Caddy stores information in there that should not be lost between restarts. See Docker
What does the content of your certificate file look like? (Don’t worry, there’s no secret info in the certificate, since it’s sent to browsers on every request – but don’t share the private key)
That error message is pretty clear - it wasn’t able to load the certificate from file, likely because the data wasn’t formatted correctly.
Please use ``` on the lines before and after your config to use code formatting when posting them to the forums, instead of using block quotes. It preserves whitespace and syntax correctly.
So seeing *.grupoviteri.com in here tells me that this is a wildcard certificate. The problem is that you’re using two subdomains. Wildcard certs are only valid for the next subdomain level down. You would need a wildcard certificate for *.telefonia.grupoviteri.com.
Because graph.telefonia.grupoviteri.com is not a match for the certificate provided, Caddy is trying to have a certificate issued for that domain. That’s all the ZeroSSL log messages you’re seeing.
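The one-level wildcard rule described in the reply above, as an added example that is not part of the original thread: a simplified model of certificate name matching in which `*` is honoured only as the entire leftmost label. The function names and the `SITES` list are hypothetical; the host names are the ones quoted in the thread.

```python
def _labels(name):
    # DNS names are case-insensitive; ignore a trailing root dot.
    return name.lower().rstrip(".").split(".")


def san_matches(pattern, host):
    """Return True if one certificate name (SAN entry) covers the host."""
    p, h = _labels(pattern), _labels(host)
    if len(p) != len(h) or "" in p or "" in h:
        # Different label counts can never match: a wildcard stands in
        # for exactly one label, never for two or for none.
        return False
    if p[0] == "*":
        # Wildcard as the whole leftmost label: the rest must be identical.
        return p[1:] == h[1:]
    return p == h


def uncovered_hosts(sans, hosts):
    """Hosts for which none of the certificate's names is a match."""
    return [h for h in hosts if not any(san_matches(s, h) for s in sans)]


# Constructed sample input (assumption): two site addresses built from
# the names mentioned in this thread.
SITES = ["telefonia.grupoviteri.com", "graph.telefonia.grupoviteri.com"]

if __name__ == "__main__":
    for sans in (["*.grupoviteri.com"], ["*.telefonia.grupoviteri.com"]):
        print(sans, "does not cover:", uncovered_hosts(sans, SITES))
```

Any host this reports as uncovered is one the provided certificate cannot serve, which is the situation where Caddy falls back to requesting a certificate itself.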
Hello, I created a new cert for *.telefonia.grupoviteri.com but I also stopped using Cloudflare SSL for that domain.
The reason is that originally I wanted this domain only to be accessible via a private IP, but Caddy would try to get a certificate which would not resolve (due to being pointed to a private IP address). This is why I exposed this server to the internet when I asked this question.
However, creating an SSL certificate for *.telefonia.grupoviteri.com allowed Caddy to stop complaining, and I switched back to the private IP address. So all domains work as expected (one public and one private).