I am at a loss. I have pasted curl output below from the caddy computer console, another machine attempting to access content via caddy, and caddy logs.
I can use curl via the IPs to get the content successfully. However, once caddy is introduced into the chain, I get a 502 bad gateway. I have attempted to configure caddy to match the curl command.
What am I doing wrong?
FROM CADDY CONSOLE
$ curl --insecure https://app.internal.foo.com/webclient/
<!DOCTYPE html>
<html>
<head>
<title>Web Client</title>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/latest/css/bootstrap.min.css">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/latest/css/bootstrap-theme.min.css">
</head>
<body>
<div id="app">Loading...</div>
<script src="/static/webclient/bundle.e0d8ab921f98.js"></script>
</body>
</html>
$ curl --insecure --resolve 'app.internal.foo.com:443:172.28.14.51' https://app.internal.foo.com/webclient/
<!DOCTYPE html>
<html>
<head>
<title>Web Client</title>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/latest/css/bootstrap.min.css">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/latest/css/bootstrap-theme.min.css">
</head>
<body>
<div id="app">Loading...</div>
<script src="/static/webclient/bundle.e0d8ab921f98.js"></script>
</body>
</html>
Caddyfile:
$ cat /etc/caddy/Caddyfile
http://*.internal.foo.com {
    proxy / http://172.28.14.51:80 {
        transparent
    }
    log stdout
    errors stderr
}

https://*.internal.foo.com {
    proxy / https://172.28.14.51:443 {
        transparent
        insecure_skip_verify
    }
    tls {
        max_certs 100
        alpn http/1.1
        protocols tls1.0 tls1.2
    }
    log stdout
    errors stderr
}
FROM ANOTHER HOST:
$ curl --insecure https://app.internal.foo.com/webclient/
<!DOCTYPE html>
<html>
<head>
<title>Web Client</title>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/latest/css/bootstrap.min.css">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/latest/css/bootstrap-theme.min.css">
</head>
<body>
<div id="app">Loading...</div>
<script src="/static/webclient/bundle.e0d8ab921f98.js"></script>
</body>
</html>
$ curl --insecure --resolve 'app.internal.foo.com:443:172.28.14.51' https://app.internal.foo.com/webclient/
<!DOCTYPE html>
<html>
<head>
<title>Web Client</title>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/latest/css/bootstrap.min.css">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/latest/css/bootstrap-theme.min.css">
</head>
<body>
<div id="app">Loading...</div>
<script src="/static/webclient/bundle.e0d8ab921f98.js"></script>
</body>
</html>
$ curl --insecure --resolve 'app.internal.foo.com:443:172.28.14.50' https://app.internal.foo.com/webclient/
502 Bad Gateway
CADDY LOGS FROM A FEW ATTEMPTS:
Oct 08 17:49:06 caddy caddy[4157]: 08/Oct/2019:17:49:06 +0000 [ERROR 502 /webclient/] read tcp 172.28.14.50:34490->172.28.14.51:443: read: connection reset by peer
Oct 08 17:49:06 caddy caddy[4157]: 172.28.14.107 - - [08/Oct/2019:17:49:06 +0000] "GET /webclient/ HTTP/1.1" 502 16
Oct 08 17:49:14 caddy caddy[4157]: 08/Oct/2019:17:49:14 +0000 [ERROR 502 /webclient/] read tcp 172.28.14.50:34492->172.28.14.51:443: read: connection reset by peer
Oct 08 17:49:14 caddy caddy[4157]: 172.28.14.107 - - [08/Oct/2019:17:49:14 +0000] "GET /webclient/ HTTP/1.1" 502 16
Oct 08 17:49:18 caddy caddy[4157]: 08/Oct/2019:17:49:18 +0000 [ERROR 502 /webclient/] read tcp 172.28.14.50:34494->172.28.14.51:443: read: connection reset by peer
Oct 08 17:49:18 caddy caddy[4157]: 172.28.14.107 - - [08/Oct/2019:17:49:18 +0000] "GET /webclient/ HTTP/1.1" 502 16