How to make Caddy use a port other than 443 for HTTPS

1. Caddy version (caddy version):

2.4.0-beta.2

2. How I run Caddy:

a. System environment:

Ubuntu 20

b. Command:

caddy run

d. My complete Caddyfile or JSON config:

{
  http_port 8010
  https_port 8011
  acme_dns alidns {
    access_key_id "key"
    access_key_secret "secret"
  }
}

a.example.com {
  reverse_proxy localhost:8080
  tls {
    dns alidns {
      access_key_id "key"
      access_key_secret "secret"
    }
  }
}

3. The problem I’m having:

My network’s ports 80 and 443 are not reachable, so I want to use 8010 for HTTP and 8011 for HTTPS.
I wrote the Caddyfile above, but some errors occur.

4. Error messages and/or full log output:

root@jesse:~# ./caddy run
2021/04/30 05:50:40.444 INFO    using adjacent Caddyfile
2021/04/30 05:50:40.446 WARN    input is not formatted with 'caddy fmt' {"adapter": "caddyfile", "file": "Caddyfile", "line": 2}
2021/04/30 05:50:40.448 INFO    admin   admin endpoint started  {"address": "tcp/localhost:2019", "enforce_origin": false, "origins": ["localhost:2019", "[::1]:2019", "127.0.0.1:2019"]}
2021/04/30 05:50:40.451 INFO    http    server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS {"server_name": "srv0", "https_port": 8011}
2021/04/30 05:50:40.452 INFO    tls.cache.maintenance   started background certificate maintenance      {"cache": "0xc0002637a0"}
2021/04/30 05:50:40.452 INFO    http    enabling automatic HTTP->HTTPS redirects        {"server_name": "srv0"}
2021/04/30 05:50:40.455 INFO    http    enabling automatic TLS certificate management   {"domains": [""]}
2021/04/30 05:50:40.457 INFO    tls     cleaned up storage units
2021/04/30 05:50:40.457 INFO    autosaved config (load with --resume flag)      {"file": "/root/.config/caddy/autosave.json"}
2021/04/30 05:50:40.460 INFO    serving initial configuration
2021/04/30 05:50:40.457 INFO    tls.obtain      acquiring lock  {"identifier": ""}
2021/04/30 05:50:40.464 INFO    tls.obtain      lock acquired   {"identifier": ""}
2021/04/30 05:50:40.474 INFO    tls.issuance.acme       waiting on internal rate limiter        {"identifiers": [""]}
2021/04/30 05:50:40.476 INFO    tls.issuance.acme       done waiting on internal rate limiter   {"identifiers": [""]}
2021/04/30 05:50:42.375 INFO    tls.issuance.acme.acme_client   trying to solve challenge       {"identifier": "u.jesse233.top", "challenge_type": "dns-01", "ca": "https://acme-v02.api.letsencrypt.org/directory"}
DEBUG:> Request map to str: AccessKeyId=***d&Action=AddDomainRecord&DomainName=jesse233.top&Format=json&RR=_acme-challenge.u&SignatureMethod=HMAC-SHA1&SignatureNonce=1619761913059317650&SignatureVersion=1.0&TTL=600&Timestamp=2021-04-30T05%3A51%3A53Z&Type=TXT&Value=8DXf1HuiL79-aaV28ILLRp22YZkvFR1A8Iww1knMnq8&Version=2015-01-09
DEBUG:> URL to sign: GET&%2F&AccessKeyId%***E3i9z21d%26Action%3DAddDomainRecord%26DomainName%3Djesse233.top%26Format%3Djson%26RR%3D_acme-challenge.u%26SignatureMethod%3DHMAC-SHA1%26SignatureNonce%3D1619761913059317650%26SignatureVersion%3D1.0%26TTL%3D600%26Timestamp%3D2021-04-30T05%253A51%253A53Z%26Type%3DTXT%26Value%3D8DXf1HuiL79-aaV28ILLRp22YZkvFR1A8Iww1knMnq8%26Version%3D2015-01-09
DEBUG:> Request map to str: AccessKeyId=LTAI5tSdi6twq6efE3i9z21d&Action=DeleteDomainRecord&Format=json&RecordId=21687627850003456&SignatureMethod=HMAC-SHA1&SignatureNonce=1619761935580297787&SignatureVersion=1.0&Timestamp=2021-04-30T05%3A52%3A15Z&Version=2015-01-09
DEBUG:> URL to sign: GET&%2F&AccessKeyId%3D2015-01-09
2021/04/30 05:52:15.941 INFO    tls.issuance.acme       waiting on internal rate limiter        {"identifiers": [""]}
2021/04/30 05:52:15.941 INFO    tls.issuance.acme       done waiting on internal rate limiter   {"identifiers": [""]}
2021/04/30 05:52:19.670 INFO    tls.issuance.acme.acme_client   trying to solve challenge       {"identifier": "", "challenge_type": "dns-01", "ca": "https://acme.zerossl.com/v2/DV90"}
DEBUG:> Request map to str: AccessKeyId0&Timestamp=2021-04-30T05%3A52%3A19Z&Type=TXT&Value=YC9SWKzhvxdCj7cZJ2VBzPXkJrdjwJ4tWlzJUtwm6jo&Version=2015-01-09
DEBUG:> URL to sign: GET&%3DTXT%26Value%3DYC9SWKzhvxdCj7cZJ2VBzPXkJrdjwJ4tWlzJUtwm6jo%26Version%3D2015-01-09
DEBUG:> Request map to str: AccessKeyId9
DEBUG:> URL to sign: GET&%2F&AccessKeyId%3D2015-01-09
2021/04/30 05:54:05.671 ERROR   tls.obtain      will retry      {"error": "[] Obtain: [] solving challenges: waiting for solver certmagic.solverWrapper to be ready: checking DNS propagation of _acme-challenge.: read tcp 192.168.2.111:59066->106.11.211.70:53: i/o timeout (order=https://acme.zerossl.com/v2/DV90/order/Es2jAcWl9vERLNo7qkwHfQ) (ca=https://acme.zerossl.com/v2/DV90)", "attempt": 1, "retrying_in": 60, "elapsed": 205.206058478, "max_duration": 2592000}

5. What I already tried:

I’ve tried Google, but can’t find the reason.

6. Links to relevant resources:

This doesn’t look right, I think the alidns plugin needs an update to work with the latest version of Caddy, which uses the libdns API a little differently. See this issue:

Thanks, I use https://github.com/caddy-dns/alidns.

Yep - libdns/alidns is the actual underlying functionality, caddy-dns/alidns is just the glue between the libdns implementation and Caddy (to make it possible to configure via JSON or the Caddyfile).
