HTTP works, HTTPS gives ERR_SSL_PROTOCOL_ERROR

1. Caddy version (v2.2.1 h1:Q62GWHMtztnvyRU+KPOpw6fNfeCD3SkwH7SfT1Tgt2c=):

2. How I run Caddy:

a. System environment:

Windows Server 2019 Standard

b. Command:

caddy run
2020/10/22 10:20:15.888 INFO   using adjacent Caddyfile
2020/10/22 10:20:15.907 INFO   admin   admin endpoint started  {"address": "tcp/localhost:2019", "enforce_origin": false, "origins": ["localhost:2019", "[::1]:2019", "127.0.0.1:2019"]}
2020/10/22 10:20:15.911 INFO   tls.cache.maintenance   started background certificate maintenance      {"cache": "0xc000932d20"}
2020/10/22 10:20:15.913 INFO   http    server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS {"server_name": "srv0", "https_port": 443}
2020/10/22 10:20:15.917 INFO   http    enabling automatic HTTP->HTTPS redirects        {"server_name": "srv0"}
2020/10/22 10:20:15.922 INFO   http    enabling automatic TLS certificate management   {"domains": ["request.kierenconnell.com"]}
2020/10/22 10:20:15.930 INFO   tls     cleaned up storage units
2020/10/22 10:20:15.958 INFO   autosaved config        {"file": "C:\\Users\\Administrator\\AppData\\Roaming\\Caddy\\autosave.json"}
2020/10/22 10:20:15.959 INFO   serving initial configuration

c. Service/unit/compose file:

N/A

d. My complete Caddyfile or JSON config:

request.kierenconnell.com {
    tls notflixserver@gmail.com {
        dns cloudflare ########################################
    }
    encode gzip
    log {
        output file C:\Plex\Caddy\logs\ombi_access.log {
            roll true               # Rotate logs, enabled by default
            roll_size_mb 5          # Set max size 5 MB
            roll_gzip true          # Whether to compress rolled files
            roll_local_time true    # Use localhost time
            roll_keep 2             # Keep at most 2 log files
            roll_keep_days 7        # Keep log files for 7 days
        }
    }
    reverse_proxy localhost:5000
}

3. The problem I’m having:

request.kierenconnell.com serves up the correct page under http and works perfectly fine
https://request.kierenconnell.com serves up ERR_SSL_PROTOCOL_ERROR

4. Error messages and/or full log output:

N/A

5. What I already tried:

I have port forwarding set up for ports 443 and 80 to port 5000 from my Ubiquiti Gateway through to my server.

Feel free to delete this thread.
But I managed to solve my issue, and unfortunately/fortunately, it was a pretty simple and pretty stupid error on my part.

I’ve been setting this up on and off for the past few weeks whenever I’ve had some spare time, so there’s been a few large gaps in learning, remembering, and implementing.

Issue boiled down to the fact I was forwarding all web traffic from ports 443 and 80, through to port 5000 on my server.
Saying it out loud, it’s a pretty dumb mistake.
As soon as I fixed the port forwarding, magic. Site now appears with a valid certificate.

Caddyfile seems to be configured perfectly fine, as it’s working (Although if anyone can spot any issues, please let me know)
Dropped in my second subdomain underneath the first and it loads up straight away with a nice padlock in Chrome.


Thanks for following up with the solution! It will probably help future searchers.
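
The misconfiguration found in this thread (the router forwarding port 443 straight to the plaintext backend on port 5000 instead of to Caddy) can be confirmed from any client machine. The Python probe below is an added example, not part of the original posts; the function name `probe_port` and its result labels are made up for illustration.

```python
import socket
import ssl
import sys


def probe_port(host: str, port: int, timeout: float = 5.0) -> str:
    """Report whether host:port speaks TLS, plaintext HTTP, or neither."""
    ctx = ssl.create_default_context()
    # Step 1: attempt a real TLS handshake with normal certificate checks.
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host):
                return "tls"
    except ssl.SSLCertVerificationError:
        # The peer does speak TLS; the certificate is the problem instead.
        return "tls-untrusted-cert"
    except (ssl.SSLError, OSError):
        pass  # Handshake failed at the protocol level; look for plaintext.

    # Step 2: on a fresh connection, send a plain HTTP request.
    request = f"HEAD / HTTP/1.1\r\nHost: {host}\r\nConnection: close\r\n\r\n"
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            raw.sendall(request.encode("ascii"))
            first = raw.recv(16)
    except OSError:
        return "unreachable"
    # A plaintext status line on the HTTPS port means the traffic reached a
    # non-TLS service (here: the app on 5000) rather than the TLS terminator.
    return "plaintext-http" if first.startswith(b"HTTP/") else "unknown"


if __name__ == "__main__":
    # Usage: python probe.py <hostname> [port]   (port defaults to 443)
    target = sys.argv[1]
    target_port = int(sys.argv[2]) if len(sys.argv) > 2 else 443
    print(f"{target}:{target_port} -> {probe_port(target, target_port)}")
```

A result of `plaintext-http` on port 443 is the signature of the symptom above: the browser's TLS handshake is answered with plain HTTP, which Chrome reports as ERR_SSL_PROTOCOL_ERROR.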
