1. Output of caddy version:
I ran it into docker. caddy:2-alpine
2. How I run Caddy:
docker run --rm -i -t -p 80:80 -p 443:443 -v /data:/data -v $PWD/Caddyfile:/etc/caddy/Caddyfile caddy:2-alpine
a. System environment:
Docker version 20.10.17, build 100c701
b. Command:
docker run --rm -i -t -p 80:80 -p 443:443 -v /data:/data -v $PWD/Caddyfile:/etc/caddy/Caddyfile caddy:2-alpine
c. Service/unit/compose file:
d. My complete Caddy config:
{
email myemail@gmail.com
}
https:// {
log
tls {
on_demand
}
reverse_proxy https://dsfnaz3uro7nv.cloudfront.net {
header_up Host {upstream_hostport}
}
}
3. The problem I’m having:
It succeed If I set Caddy Server’s IP Address as an A record for abc.thecustomer.com.
But I want to provide a CNAME for our customer like in.oursaascompany.com. And I set Caddy Server’s IP Address as an A record for in.oursaascompany.com. And it failed when our customer set an CNAME to our in.oursaascompany.com
It succeed on:
abc.thecustomer.com
A 3.75.249.230
↓
https://dsfnaz3uro7nv.cloudfront.net
It fails on:
abc.thecustomer.com
CNAME in.oursaascompany.com
↓
in.oursaascompany.com
A 3.75.249.230 (Caddy Server IP)
↓
https://dsfnaz3uro7nv.cloudfront.net
4. Error messages and/or full log output:
curl -v https://abc.thecustomer.com
* Trying 108.156.83.114:443...
* TCP_NODELAY set
* Connected to abc.thecustomer.com (108.156.83.114) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* error:1408F10B:SSL routines:ssl3_get_record:wrong version number
* Closing connection 0
curl: (35) error:1408F10B:SSL routines:ssl3_get_record:wrong version number