How to ignore the ssl when I use cURL

1. Output of caddy version:

v2.5.2 h1:eCJdLyEyAGzuQTa5Mh3gETnYWDClo1LjtQm2q9RNZrs=

2. How I run Caddy:

I run it on Debian via sudo service caddy start

a. System environment:

Debian 4.19.249-2 (2022-06-30) x86_64 GNU/Linux

b. Command:

sudo service caddy start

c. Service/unit/compose file:

d. My complete Caddy config:

foo.com {
 tls contact@foo.com
 reverse_proxy 127.0.0.1:3030 {
  header_up Host {http.request.host}
  header_up X-Real-IP {http.request.remote}
  header_up X-Forwarded-For {http.request.remote}
  header_up X-Forwarded-Port {http.request.port}
  header_up X-Forwarded-Proto {http.request.scheme}
 }
}

3. The problem I’m having:

I have a page under this domain name foo.com, its code like following.

<p>hello world</p>

I will get nothing when I run curl foo.com on terminal, but I will get the response when I run curl https://foo.com.

4. Error messages and/or full log output:

Get nothing when run curl fool.com

5. What I already tried:

6. Links to relevant resources:

Append: I would like to get the page’s code whether I use curl foo.com or curl https://foo.com.

Please help, thank you so much.

This post will help you.

2 Likes

Remove all of this from your config. Caddy’s reverse proxy sets proxy headers appropriately, automatically.

That said, why do you want your content to also be served insecurely? You can definitely do that, but you really should have a good reason for it. If you allow your site to be used without encryption, you risk your user’s information, and risk man-in-the-middle attacks manipulating the traffic.

If all you want is for curl to follow the HTTP->HTTPS redirect, use the -L flag which is to follow the Location header, which is to inform the client “hey, make a new request at this URL instead”, in this case over https:// instead.

1 Like

@balloon Cool, thank you so much.