Https not working anymore

1. The problem I’m having:

```
curl -vL https://thedomain.com
```

2. Error messages and/or full log output:

```
TCP_NODELAY set
Connected to thedomain.com (x.x.x.x) port 443 (#0)
ALPN, offering h2
ALPN, offering http/1.1
successfully set certificate verify locations:
CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
TLSv1.3 (OUT), TLS handshake, Client hello (1):
TLSv1.3 (IN), TLS alert, internal error (592):
error:14094438:SSL routines:ssl3_read_bytes:tlsv1 alert internal error
Closing connection 0
curl: (35) error:14094438:SSL routines:ssl3_read_bytes:tlsv1 alert internal error
```

==================== open ssl command gives ==============

```
openssl s_client -connect thedomain:443
CONNECTED(00000003)
140225236829504:error:14094438:SSL routines:ssl3_read_bytes:tlsv1 alert internal error:../ssl/record/rec_layer_s3.c:1543:SSL alert number 80
```

3. Caddy version:

2.7.5

4. How I installed and ran Caddy:

Using the Docker image, run with docker compose and php-fpm.

a. System environment:

Ubuntu 22.04

b. Command:

PASTE OVER THIS, BETWEEN THE ``` LINES.
Please use the preview pane to ensure it looks nice.

c. Service/unit/compose file:

PASTE OVER THIS, BETWEEN THE ``` LINES.
Please use the preview pane to ensure it looks nice.

d. My complete Caddy config:

```
thedomain.com {
	root * /srv/public
	php_fastcgi accounts-fpm:9000
	file_server
}
```

5. Links to relevant resources:

What’s in Caddy’s logs?

Your post is incomplete. We’re missing important information.

OK, I see. I will try to find that.

Once I found out how to properly log it with `docker logs --tail 50 --follow --timestamps containerid`, I now see that it seems related to firewall issues. I will check it out and resolve this post if that is the reason for the error. Thank you.

Okay.

Your post is quite a mess.

Make sure every code block is closed.

Code blocks start and end with ``` on their own lines.

Sorry for the messy post, I can’t get it right in your template. Perhaps input fields for each section would be an option for dummies like me :). The problem was firewall related, and the ACME challenge would not go through since the machine was only accessible from 2 IPs. Sorry for taking up your time for something not related to Caddy at all.
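The root cause found in this thread (a failed ACME challenge surfacing to clients only as a TLS `internal error` alert) can be spotted directly in Caddy's logs. The script below is an added example, not code from the thread or from the Caddy project: it scans `docker logs --timestamps` output for certificate-issuance errors and classifies them by their RFC 8555 error type. The log field names (`level`, `logger`, `identifier`, `error`) are assumptions about Caddy's JSON log layout, and the sample lines are constructed.

```python
import json
import re

# RFC 8555 section 6.7 error types, mapped to where an operator should look first.
ACME_HINTS = {
    "connection": "CA could not connect to the host: check firewall/allow-lists on ports 80 and 443",
    "dns": "CA could not resolve the name: check A/AAAA/CAA records",
    "unauthorized": "challenge response was wrong: check proxies or another server answering for the name",
    "rateLimited": "CA rate limit hit: wait before retrying",
}
ACME_URN = re.compile(r"urn:ietf:params:acme:error:(\w+)")


def parse_line(line):
    """Return the JSON object in a log line, tolerating a `docker logs --timestamps` prefix."""
    start = line.find("{")
    if start < 0:
        return None
    try:
        return json.loads(line[start:])
    except json.JSONDecodeError:
        return None


def triage(lines):
    """Return (domain, acme_error_type, hint) for each certificate-issuance error found."""
    findings = []
    for line in lines:
        entry = parse_line(line)
        if not entry or entry.get("level") != "error":
            continue
        if not str(entry.get("logger", "")).startswith("tls"):  # assumed logger naming
            continue
        match = ACME_URN.search(str(entry.get("error", "")))
        if match:
            kind = match.group(1)
            hint = ACME_HINTS.get(kind, "see RFC 8555 section 6.7")
            findings.append((entry.get("identifier", "?"), kind, hint))
    return findings


# Constructed sample input (not taken from the thread's logs).
SAMPLE = [
    '2023-11-20T10:00:00.000000000Z {"level":"info","ts":1700474400.0,"logger":"tls.obtain","msg":"acquiring lock","identifier":"thedomain.com"}',
    '2023-11-20T10:00:05.000000000Z {"level":"error","ts":1700474405.0,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"thedomain.com","error":"HTTP 400 urn:ietf:params:acme:error:connection - Timeout during connect (likely firewall problem)"}',
    "2023-11-20T10:00:06.000000000Z not json at all",
]

if __name__ == "__main__":
    for domain, kind, hint in triage(SAMPLE):
        print(f"{domain}: ACME error '{kind}' -> {hint}")
```

To run it over live output, pass the piped log lines (for example `sys.stdin`) to `triage()` instead of `SAMPLE`.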
