Hello, i have been trieing to reverse proxy a mailU instance but im having issues with https
i have the ports set the 880 (http) and 8443 (https) and normal letsencrypt certs on the mailu instance
im getting a bad gateway when proxying to https:// :8443
im getting a http request to https port when proxying to :8443
im getting a redirect to https at :880
Would it be possible for me to have caddy redirect my normal url to the https port of that docker container?
fixed by skipping ssl verification in caddy, idk why but it works>
proxy / https://13.312.312.1:8443 {
transparent
insecure_skip_verify
}
Caddy, like most modern clients, defaults to requiring a valid HTTPS certificate when connecting to another web server.
Most of the time when a proxy target presents a certificate over a private network, it’s either self-signed or for a different hostname and can’t be validated, so Caddy won’t proceed as a security measure.
insecure_skip_verify disables this security measure, allowing Caddy to proxy to a non-validated upstream.
I second what @Whitestrake said; and generally recommend against using insecure_skip_verify, especially if you do not know what it does. As its name implies, it breaks the security of your connections and so your HTTPS->HTTPS proxy might as well be an HTTP->HTTP proxy (or similar).
There could be a number of things going on – the main thing is that the application being proxied to needs to be configured or designed to work behind a reverse proxy. Applications that aren’t designed for it might only accidentally work with reverse proxies, but most don’t. If you enable the log and errors directives you’ll get more insight into what the actual errors are.
This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.