How to enable HTTPS on IP address (to test on mobile)?

novaotp · July 8, 2025, 9:43pm

1. The problem I’m having:

I’ve been using Caddy for a bit for localhost development and it’s been fantastic. However, I’ve always used localhost. Now, I want to try out my webapp on mobile. However, it seems that I cannot access the webapp using my PC’s IP address, even from my PC.

2. Error messages and/or full log output:

I'm not too sure what logs to put here, if any.

3. Caddy version:

v2.10.0

4. How I installed and ran Caddy:

a. System environment:

Windows 11, using Docker

Client:
 Cloud integration: v1.0.35+desktop.10
 Version:           25.0.3
 API version:       1.44
 Go version:        go1.21.6
 Git commit:        4debf41
 Built:             Tue Feb  6 21:13:02 2024
 OS/Arch:           windows/amd64
 Context:           default

Server: Docker Desktop 4.27.2 (137060)
 Engine:
  Version:          25.0.3
  API version:      1.44 (minimum version 1.24)
  Go version:       go1.21.6
  Git commit:       f417435
  Built:            Tue Feb  6 21:14:25 2024
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.6.28
  GitCommit:        ae07eda36dd25f8a1b98dfbf587313b99c0190bb
 runc:
  Version:          1.1.12
  GitCommit:        v1.1.12-0-g51d5e94
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

b. Command:

docker compose -f .\docker-compose.dev.yml watch

c. Service/unit/compose file:

services:
  # My other apps

  caddy:
    image: caddy:latest
    container_name: caddy
    restart: unless-stopped
    ports:
      - 443:443
    networks:
      - caddy-network
    volumes:
      - ./Caddyfile.dev:/etc/caddy/Caddyfile
      - caddy-data:/data
      - caddy-config:/config

volumes:
  caddy-data:
    name: caddy-data
  caddy-config:
    name: caddy-config

networks:
  caddy-network:
    name: caddy-network

d. My complete Caddy config:

192.168.1.30 being my PC’s IP address
And app being my webapp

localhost:443, 192.168.1.30:443 {
        encode

        reverse_proxy app:5173
}

5. Links to relevant resources:

Mohammed90 · July 8, 2025, 10:28pm

You don’t need the :443 in the host name part because it’s the default when TLS is enabled. To have HTTPS on IP address, use tls internal as such:

localhost, 192.168.1.30 {
        tls internal
        encode

        reverse_proxy app:5173
}

novaotp · July 8, 2025, 10:50pm

You don’t need the :443 in the host name part because it’s the default when TLS is enabled.

I removed it, thank you.

Unfortunately, adding tls internal didn’t change anything. I still get Secure Connection Failed in the browser.

Mohammed90 · July 8, 2025, 11:10pm

Well, yeah, the certificate is not from a trusted authority. You have to bypass it. If you need a publicly trusted certificate, then you cannot use LAN IP address and only a limited set of certificate authorities provide IP certificates.

novaotp · July 9, 2025, 11:28am

Well, that’s a bit disappointing. I’ll probably use a DDNS service to try out my webapp on mobile.

Thank you for your help.