explain what you are trying to do
We use Caddy for about 25 domains on a single server. These are simple HTML landing pages served via another simple go application that compiles markdown with html templates. Caddy makes it easy to get SSL up and running.
We compile Caddy from source and include the following plugins
github.com/hacdias/caddy-minify
GitHub - epicagency/caddy-expires: Provides a directive to add expires headers to certain paths
GitHub - simia-tech/caddy-locale: Locale detection for caddy
GitHub - jung-kurt/caddy-cgi: Common Gateway Interface plugin for the Caddy HTTP server
Our latest build was created based on master from commit f6e6a6be0446a8455001d6202032b20b64b37569
Here is what our configuration looks like
https://{{h.name}} {
gzip
log / /var/log/caddy/access.log "{remote} - [{when}] {method} {path} {proto} {host} {status} {size}"
errors /var/log/caddy/errors.log
tls {
max_certs 100
}
header / Strict-Transport-Security "max-age=31536000;"
proxy / {{h.ip}}:{{h.port}} {
transparent
}
}
show what you have already tried
I tried restarting Caddy and I searched the error logs for any clues but I do not see any errors. I also created another build of caddy to make sure it wasn’t a bad build.
include error messages and log output
If I visit one of our sites via IE11 on Windows 8 I get the following error (Google Translated from German).
This page can not be displayed.
Enable TLS 1.0, TLS 1.1, and TLS 1.2 in Advanced Settings, and try connecting to {removed} again. If the error persists, this Web site may use an unsupported log or unsupported cipher suite, such as RC4 (link to details), which is considered unsafe. Contact the site administrator.
I removed the domain as I don’t want to affect search results for this page. One site is plexus dash
kvn dot
de if you would like to test this.
I used SSL Server Test (Powered by Qualys SSL Labs) to test this further and I see the error Server sent fatal alert: handshake_failure
on IE11 with older versions of Windows and on older versions of Safari.
Please let me know if you have any ideas on what the problem could be. Thanks!