Forgive me for the simplicity of this question, but I’m fairly new to managing web servers. I have an app (Rocket.Chat) installed via snap. I used their instructions to configure Caddy. BUT… I forgot to wait on the guy with DNS access to put in the record for the URL. So when Caddy attempted to get a cert, of course it failed and nothing happens when you attempt to go to 443 (even on the internal IP of the server).
Anyways, my questions is about how to proceed from here. Will Caddy continue to attempt to get a cert, or should I start the process over again?
Caddy tried once, failed and aborted. You have to start it again when the DNS records are ready.
It isn’t a good idea to let it try again in an infinite loop because you would quickly hit Let’s Encrypt api call limits and would be blocked for a while. Not good!
That’s true, but not entirely true. You can use the DNS challenge before DNS records are set to your server. There are instructions in the docs: Automatic HTTPS — Caddy Documentation - all you need is
dns <providername> in the
tls directive of your Caddyfile. Most major DNS providers are supported.
Otherwise you could just serve over HTTP for now. Hard-code
:80 into the site address of your Caddyfile for that.
I just realised rocket.chat’s instructions ask you to do this:
I’m irrationally angry about this. (Just kidding ;))
Other than the fact that you can just remove the
http(s):// scheme entirely and Caddy will automatically handle the redirection, their instructions are all good.
Edit: Looks like they updated it! Neat.
Huh, I thought I talked to them about that, telling them they could just remove that entire first site definition (with the plain HTTP). (@Whitestrake - where are you seeing they updated it? Configuring SSL Reverse Proxy - Rocket.Chat Docs shows some very old configuration for me.)
You did I didn’t do immediately and forgot. Thanks to @Whitestrake for poking us I saw the email and quickly changed before I forgot again
This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.