Issue running caddy in ECS

1. The problem I’m having:

Having issues with TLS when using CF plugin.

2. Error messages and/or full log output:

{"level":"debug","ts":1718606116.60219,"logger":"http.stdlib","msg":"http: TLS handshake error from 78.83.53.34:55432: no certificate available for '10.0.101.240'"}

3. Caddy version:

# caddy version
v2.8.4 h1:q3pe0wpBj1OcHFZ3n/1nl4V4bxBrYoSoab7rL9BMYNk=

4. How I installed and ran Caddy:

a. System environment:

Via a Dockerfile

ARG ARCH=
FROM ${ARCH}caddy:builder-alpine AS builder

RUN xcaddy build --with github.com/caddy-dns/cloudflare

FROM ${ARCH}caddy:alpine

COPY --from=builder /usr/bin/caddy /usr/bin/caddy

ARG CADDYFILE=
COPY ${CADDYFILE}Caddyfile /etc/caddy/Caddyfile

# Format file to avoid errors
RUN /usr/bin/caddy fmt --overwrite /etc/caddy/Caddyfile

# Add caddy validate to check Caddyfile
RUN /usr/bin/caddy validate --config /etc/caddy/Caddyfile

EXPOSE 80 443

b. Command:

It’s using the default container entrypoint

c. Service/unit/compose file:

d. My complete Caddy config:

# The Caddyfile is an easy way to configure your Caddy web server.
#
# Unless the file starts with a global options block, the first
# uncommented line is always the address of your site.
#
# To use your own domain name (with automatic HTTPS), first make
# sure your domain's A/AAAA DNS records are properly pointed to
# this machine's public IP, then replace ":80" below with your
# domain name.

# Debug for TLS renegitioation
{
	debug
	acme_ca https://acme-v02.api.letsencrypt.org/directory
	email services@tritile.com
}


# Define the main domain and wildcard domain together
tritile.com, www.tritile.com, *.tritile.com {
    tls {
        dns cloudflare {env.CF_API_TOKEN}
    }
    reverse_proxy caddy-test.webflow.io {
        header_up Host {host}
    }
}


# refer to the caddy docs for more information:
# https://caddyserver.com/docs/caddyfile

I have A records pointing to the public IP of the ECS task with DNS only setting in CloudFlare

5. Links to relevant resources:

That’s a debug log. This is saying something made an HTTPS request without TLS-SNI, to the hostname 10.0.101.240. That seems wrong. But that might just be a bot/crawler.

What else are in your logs? Please show all your logs, not just one cherry-picked entry which might not be relevant.

If I open your domain, I see this:

Fastly error: unknown domain: tritile.com. Please check that this domain has been added to a service.

I think you should deal with that first. I don’t think your domain is correct.

1 Like

I double-checked the domains, and they are properly configured within Cloudflare to point to the public IPv4 address of the ECS task running Caddy via A records with “DNS only”.

I have also been playing around a bit with the config and it seems that if I remove

	reverse_proxy caddy-test.webflow.io {
		header_up host {host}
	}

The error you mentioned

Fastly error: unknown domain: tritile.com. Please check that this domain has been added to a service.

Is no longer present
I am also including the debug logs from the reload after I made the following change

/srv # cat /etc/caddy/Caddyfile
# The Caddyfile is an easy way to configure your Caddy web server.
#
# Unless the file starts with a global options block, the first
# uncommented line is always the address of your site.
#
# To use your own domain name (with automatic HTTPS), first make
# sure your domain's A/AAAA DNS records are properly pointed to
# this machine's public IP, then replace ":80" below with your
# domain name.

# Debug for TLS renegitioation
{
	debug
	acme_ca https://acme-v02.api.letsencrypt.org/directory
	email services@tritile.com
}

tritile.com {
	tls {
		dns cloudflare {env.CF_API_TOKEN}
	}
	# set this path to your site's directory.
	# root * /usr/share/caddy
}

*.tritile.com {
	tls {
		dns cloudflare {env.CF_API_TOKEN}
	}
	# set this path to your site's directory.
	# root * /usr/share/caddy
}

www.tritile.com {
	tls {
		dns cloudflare {env.CF_API_TOKEN}
	}
	# set this path to your site's directory.
	# root * /usr/share/caddy
}

Logs after change and reload

18 June 2024 at 11:09 (UTC+3:00)
{"level":"info","ts":1718698154.0249949,"logger":"http.auto_https","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv0","https_port":443}
caddy
18 June 2024 at 11:09 (UTC+3:00)
{"level":"info","ts":1718698154.0250585,"logger":"http.auto_https","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
caddy
18 June 2024 at 11:09 (UTC+3:00)
{"level":"debug","ts":1718698154.025111,"logger":"http.auto_https","msg":"adjusted config","tls":{"automation":{"policies":[{"subjects":["www.tritile.com","tritile.com","*.tritile.com"]},{}]}},"http":{"servers":{"remaining_auto_https_redirects":{"listen":[":80"],"routes":[{},{}]},"srv0":{"listen":[":443"],"routes":[{"terminal":true},{"terminal":true},{"terminal":true}],"tls_connection_policies":[{}],"automatic_https":{}}}}}
caddy
18 June 2024 at 11:09 (UTC+3:00)
{"level":"debug","ts":1718698154.0252395,"logger":"http","msg":"starting server loop","address":"[::]:80","tls":false,"http3":false}
caddy
18 June 2024 at 11:09 (UTC+3:00)
{"level":"info","ts":1718698154.0252492,"logger":"http.log","msg":"server running","name":"remaining_auto_https_redirects","protocols":["h1","h2","h3"]}
caddy
18 June 2024 at 11:09 (UTC+3:00)
{"level":"info","ts":1718698154.0253005,"logger":"http","msg":"enabling HTTP/3 listener","addr":":443"}
caddy
18 June 2024 at 11:09 (UTC+3:00)
{"level":"debug","ts":1718698154.0253334,"logger":"http","msg":"starting server loop","address":"[::]:443","tls":true,"http3":true}
caddy
18 June 2024 at 11:09 (UTC+3:00)
{"level":"info","ts":1718698154.025343,"logger":"http.log","msg":"server running","name":"srv0","protocols":["h1","h2","h3"]}
caddy
18 June 2024 at 11:09 (UTC+3:00)
{"level":"info","ts":1718698154.0253575,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["www.tritile.com","tritile.com","*.tritile.com"]}
caddy
18 June 2024 at 11:09 (UTC+3:00)
{"level":"info","ts":1718698154.0253925,"logger":"http","msg":"servers shutting down with eternal grace period"}
caddy
18 June 2024 at 11:09 (UTC+3:00)
{"level":"info","ts":1718698154.0256386,"msg":"autosaved config (load with --resume flag)","file":"/config/caddy/autosave.json"}
caddy
18 June 2024 at 11:09 (UTC+3:00)
{"level":"info","ts":1718698154.0256507,"logger":"admin.api","msg":"load complete"}
caddy
18 June 2024 at 11:09 (UTC+3:00)
{"level":"info","ts":1718698154.02594,"logger":"admin","msg":"stopped previous server","address":"localhost:2019"}
caddy
18 June 2024 at 11:09 (UTC+3:00)
{"level":"info","ts":1718698154.0240295,"logger":"admin.api","msg":"received request","method":"POST","host":"localhost:2019","uri":"/load","remote_ip":"127.0.0.1","remote_port":"51264","headers":{"Accept-Encoding":["gzip"],"Content-Length":["586"],"Content-Type":["application/json"],"Origin":["http://localhost:2019"],"User-Agent":["Go-http-client/1.1"]}}
caddy
18 June 2024 at 11:09 (UTC+3:00)
{"level":"info","ts":1718698154.0246243,"logger":"admin","msg":"admin endpoint started","address":"localhost:2019","enforce_origin":false,"origins":["//127.0.0.1:2019","//localhost:2019","//[::1]:2019"]}

The logs from before the change are a lot, that is why though it may be good to truncate them a bit.
Here are some of the logs pre-change

18 June 2024 at 11:07 (UTC+3:00)
{"level":"debug","ts":1718698021.633097,"logger":"events","msg":"event","name":"tls_get_certificate","id":"611ebbcd-a55c-4eec-862b-673c3744d800","origin":"tls","data":{"client_hello":{"CipherSuites":[4865,4866,4867],"ServerName":"asd.tritile.com","SupportedCurves":[25497,29,23,24],"SupportedPoints":null,"SignatureSchemes":[1027,2052,1025,1283,2053,1281,2054,1537,513],"SupportedProtos":["h3"],"SupportedVersions":[772],"RemoteAddr":{"IP":"78.83.53.34","Port":54861,"Zone":""},"LocalAddr":{"IP":"10.0.101.240","Port":443,"Zone":""}}}}
caddy
18 June 2024 at 11:07 (UTC+3:00)
{"level":"debug","ts":1718698021.6331146,"logger":"tls.handshake","msg":"no matching certificates and no custom selection logic","identifier":"asd.tritile.com"}
caddy
18 June 2024 at 11:07 (UTC+3:00)
{"level":"debug","ts":1718698021.6331646,"logger":"tls.handshake","msg":"choosing certificate","identifier":"*.tritile.com","num_choices":1}
caddy
18 June 2024 at 11:07 (UTC+3:00)
{"level":"debug","ts":1718698021.6331859,"logger":"tls.handshake","msg":"default certificate selection results","identifier":"*.tritile.com","subjects":["*.tritile.com"],"managed":true,"issuer_key":"acme-v02.api.letsencrypt.org-directory","hash":"3628d085bcf213c60346b8a0d3b818c08d44d255462b2d901edc8d1e6caaf5e7"}
caddy
18 June 2024 at 11:07 (UTC+3:00)
{"level":"debug","ts":1718698021.6331964,"logger":"tls.handshake","msg":"matched certificate in cache","remote_ip":"78.83.53.34","remote_port":"54861","subjects":["*.tritile.com"],"managed":true,"expiration":1726378221,"hash":"3628d085bcf213c60346b8a0d3b818c08d44d255462b2d901edc8d1e6caaf5e7"}
caddy
18 June 2024 at 11:07 (UTC+3:00)
{"level":"debug","ts":1718698021.631947,"logger":"http.handlers.reverse_proxy","msg":"upstream roundtrip","upstream":"caddy-test.webflow.io:80","duration":0.000978184,"request":{"remote_ip":"78.83.53.34","remote_port":"49681","client_ip":"78.83.53.34","proto":"HTTP/2.0","method":"GET","host":"asd.tritile.com","uri":"/favicon.ico","headers":{"Sec-Ch-Ua":["\"Google Chrome\";v=\"125\", \"Chromium\";v=\"125\", \"Not.A/Brand\";v=\"24\""],"Sec-Ch-Ua-Platform":["\"macOS\""],"Accept":["image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8"],"X-Forwarded-Host":["asd.tritile.com"],"Accept-Language":["en-GB,en-US;q=0.9,en;q=0.8"],"X-Forwarded-Proto":["https"],"Priority":["u=1, i"],"Sec-Ch-Ua-Mobile":["?0"],"Accept-Encoding":["gzip, deflate, br, zstd"],"User-Agent":["Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36"],"Sec-Fetch-Mode":["no-cors"],"Sec-Fetch-Site":["same-origin"],"Referer":["https://asd.tritile.com/"],"X-Forwarded-For":["78.83.53.34"],"Sec-Fetch-Dest":["image"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h2","server_name":"asd.tritile.com"}},"headers":{"Via":["1.1 varnish"],"Content-Length":["258"],"Server":["Varnish"],"Content-Type":["text/html"],"Cache-Control":["private, no-cache"],"X-Served-By":["cache-fra-etou8220111-FRA"],"Connection":["keep-alive"],"Retry-After":["0"],"Accept-Ranges":["bytes"],"Date":["Tue, 18 Jun 2024 08:07:01 GMT"]},"status":500}
caddy
18 June 2024 at 11:07 (UTC+3:00)
{"level":"debug","ts":1718698021.6308284,"logger":"http.handlers.reverse_proxy","msg":"selected upstream","dial":"caddy-test.webflow.io:80","total_upstreams":1}
caddy
18 June 2024 at 11:07 (UTC+3:00)
{"level":"debug","ts":1718698021.5390553,"logger":"http.handlers.reverse_proxy","msg":"upstream roundtrip","upstream":"caddy-test.webflow.io:80","duration":0.009694138,"request":{"remote_ip":"78.83.53.34","remote_port":"49681","client_ip":"78.83.53.34","proto":"HTTP/2.0","method":"GET","host":"asd.tritile.com","uri":"/","headers":{"Accept-Encoding":["gzip, deflate, br, zstd"],"Priority":["u=0, i"],"Sec-Fetch-Dest":["document"],"X-Forwarded-Host":["asd.tritile.com"],"User-Agent":["Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36"],"X-Forwarded-Proto":["https"],"Sec-Ch-Ua-Mobile":["?0"],"Sec-Ch-Ua-Platform":["\"macOS\""],"Sec-Fetch-Mode":["navigate"],"Upgrade-Insecure-Requests":["1"],"Accept-Language":["en-GB,en-US;q=0.9,en;q=0.8"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7"],"Sec-Fetch-Site":["none"],"Sec-Ch-Ua":["\"Google Chrome\";v=\"125\", \"Chromium\";v=\"125\", \"Not.A/Brand\";v=\"24\""],"X-Forwarded-For":["78.83.53.34"],"Sec-Fetch-User":["?1"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h2","server_name":"asd.tritile.com"}},"headers":{"Content-Length":["258"],"Retry-After":["0"],"X-Served-By":["cache-fra-etou8220111-FRA"],"Date":["Tue, 18 Jun 2024 08:07:01 GMT"],"Via":["1.1 varnish"],"Connection":["keep-alive"],"Server":["Varnish"],"Content-Type":["text/html"],"Cache-Control":["private, no-cache"],"Accept-Ranges":["bytes"]},"status":500}
caddy
18 June 2024 at 11:07 (UTC+3:00)
{"level":"debug","ts":1718698021.5292912,"logger":"http.handlers.reverse_proxy","msg":"selected upstream","dial":"caddy-test.webflow.io:80","total_upstreams":1}
caddy
18 June 2024 at 11:07 (UTC+3:00)
{"level":"debug","ts":1718698021.4373322,"logger":"events","msg":"event","name":"tls_get_certificate","id":"47a0f327-74ec-4a1a-b4e7-a510dd4845e0","origin":"tls","data":{"client_hello":{"CipherSuites":[31354,4865,4866,4867,49195,49199,49196,49200,52393,52392,49171,49172,156,157,47,53],"ServerName":"asd.tritile.com","SupportedCurves":[51914,25497,29,23,24],"SupportedPoints":"AA==","SignatureSchemes":[1027,2052,1025,1283,2053,1281,2054,1537],"SupportedProtos":["h2","http/1.1"],"SupportedVersions":[2570,772,771],"RemoteAddr":{"IP":"78.83.53.34","Port":49681,"Zone":""},"LocalAddr":{"IP":"10.0.101.240","Port":443,"Zone":""}}}}
caddy
18 June 2024 at 11:07 (UTC+3:00)
{"level":"debug","ts":1718698021.4373555,"logger":"tls.handshake","msg":"no matching certificates and no custom selection logic","identifier":"asd.tritile.com"}
caddy
18 June 2024 at 11:07 (UTC+3:00)
{"level":"debug","ts":1718698021.4373622,"logger":"tls.handshake","msg":"choosing certificate","identifier":"*.tritile.com","num_choices":1}
caddy
18 June 2024 at 11:07 (UTC+3:00)
{"level":"debug","ts":1718698021.4373736,"logger":"tls.handshake","msg":"default certificate selection results","identifier":"*.tritile.com","subjects":["*.tritile.com"],"managed":true,"issuer_key":"acme-v02.api.letsencrypt.org-directory","hash":"3628d085bcf213c60346b8a0d3b818c08d44d255462b2d901edc8d1e6caaf5e7"}
caddy
18 June 2024 at 11:07 (UTC+3:00)
{"level":"debug","ts":1718698021.4373825,"logger":"tls.handshake","msg":"matched certificate in cache","remote_ip":"78.83.53.34","remote_port":"49681","subjects":["*.tritile.com"],"managed":true,"expiration":1726378221,"hash":"3628d085bcf213c60346b8a0d3b818c08d44d255462b2d901edc8d1e6caaf5e7"}
caddy
18 June 2024 at 10:46 (UTC+3:00)
{"level":"debug","ts":1718696776.6303923,"logger":"http.handlers.reverse_proxy","msg":"upstream roundtrip","upstream":"caddy-test.webflow.io:80","duration":0.001333267,"request":{"remote_ip":"78.83.53.34","remote_port":"49179","client_ip":"78.83.53.34","proto":"HTTP/3.0","method":"GET","host":"www.tritile.com","uri":"/favicon.ico","headers":{"Sec-Fetch-Mode":["no-cors"],"Sec-Ch-Ua":["\"Google Chrome\";v=\"125\", \"Chromium\";v=\"125\", \"Not.A/Brand\";v=\"24\""],"Referer":["https://www.tritile.com/"],"Accept-Language":["en-GB,en-US;q=0.9,en;q=0.8"],"User-Agent":["Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36"],"Sec-Ch-Ua-Platform":["\"macOS\""],"X-Forwarded-For":["78.83.53.34"],"X-Forwarded-Host":["www.tritile.com"],"Sec-Fetch-Dest":["image"],"Priority":["u=1, i"],"Accept-Encoding":["gzip, deflate, br, zstd"],"Sec-Fetch-Site":["same-origin"],"Sec-Ch-Ua-Mobile":["?0"],"X-Forwarded-Proto":["https"],"Accept":["image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h3","server_name":"www.tritile.com"}},"headers":{"Server":["Varnish"],"Content-Type":["text/html"],"Cache-Control":["private, no-cache"],"X-Served-By":["cache-fra-eddf8230038-FRA"],"Accept-Ranges":["bytes"],"Via":["1.1 varnish"],"Connection":["keep-alive"],"Content-Length":["258"],"Retry-After":["0"],"Date":["Tue, 18 Jun 2024 07:46:16 GMT"]},"status":500}
caddy
18 June 2024 at 10:46 (UTC+3:00)
{"level":"debug","ts":1718696776.6289332,"logger":"http.handlers.reverse_proxy","msg":"selected upstream","dial":"caddy-test.webflow.io:80","total_upstreams":1}
caddy
18 June 2024 at 10:46 (UTC+3:00)
{"level":"debug","ts":1718696776.4934733,"logger":"http.handlers.reverse_proxy","msg":"upstream roundtrip","upstream":"caddy-test.webflow.io:80","duration":0.013962926,"request":{"remote_ip":"78.83.53.34","remote_port":"49179","client_ip":"78.83.53.34","proto":"HTTP/3.0","method":"GET","host":"www.tritile.com","uri":"/","headers":{"Sec-Fetch-User":["?1"],"Priority":["u=0, i"],"Sec-Ch-Ua":["\"Google Chrome\";v=\"125\", \"Chromium\";v=\"125\", \"Not.A/Brand\";v=\"24\""],"Sec-Fetch-Mode":["navigate"],"Sec-Ch-Ua-Platform":["\"macOS\""],"X-Forwarded-Host":["www.tritile.com"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7"],"User-Agent":["Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36"],"Sec-Fetch-Site":["none"],"Sec-Fetch-Dest":["document"],"Upgrade-Insecure-Requests":["1"],"Accept-Language":["en-GB,en-US;q=0.9,en;q=0.8"],"Accept-Encoding":["gzip, deflate, br, zstd"],"X-Forwarded-For":["78.83.53.34"],"X-Forwarded-Proto":["https"],"Sec-Ch-Ua-Mobile":["?0"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h3","server_name":"www.tritile.com"}},"headers":{"Content-Length":["258"],"Server":["Varnish"],"Content-Type":["text/html"],"Accept-Ranges":["bytes"],"Date":["Tue, 18 Jun 2024 07:46:16 GMT"],"Connection":["keep-alive"],"Retry-After":["0"],"Cache-Control":["private, no-cache"],"X-Served-By":["cache-fra-eddf8230038-FRA"],"Via":["1.1 varnish"]},"status":500}
caddy
18 June 2024 at 10:46 (UTC+3:00)
{"level":"debug","ts":1718696776.4793932,"logger":"http.handlers.reverse_proxy","msg":"selected upstream","dial":"caddy-test.webflow.io:80","total_upstreams":1}
caddy
18 June 2024 at 10:46 (UTC+3:00)
{"level":"debug","ts":1718696776.4355793,"logger":"events","msg":"event","name":"tls_get_certificate","id":"60c69002-5abc-47c8-8ba4-7233adb66da3","origin":"tls","data":{"client_hello":{"CipherSuites":[4865,4866,4867],"ServerName":"www.tritile.com","SupportedCurves":[25497,29,23,24],"SupportedPoints":null,"SignatureSchemes":[1027,2052,1025,1283,2053,1281,2054,1537,513],"SupportedProtos":["h3"],"SupportedVersions":[772],"RemoteAddr":{"IP":"78.83.53.34","Port":49179,"Zone":""},"LocalAddr":{"IP":"10.0.101.240","Port":443,"Zone":""}}}}
caddy
18 June 2024 at 10:46 (UTC+3:00)
{"level":"debug","ts":1718696776.4356062,"logger":"tls.handshake","msg":"choosing certificate","identifier":"www.tritile.com","num_choices":1}
caddy
18 June 2024 at 10:46 (UTC+3:00)
{"level":"debug","ts":1718696776.4356363,"logger":"tls.handshake","msg":"default certificate selection results","identifier":"www.tritile.com","subjects":["www.tritile.com"],"managed":true,"issuer_key":"acme-v02.api.letsencrypt.org-directory","hash":"f43b6e56b1e69de57ee60a88414bca9e5c629c10504d5b1cc4b622ef75e253a1"}
caddy
18 June 2024 at 10:46 (UTC+3:00)
{"level":"debug","ts":1718696776.4356558,"logger":"tls.handshake","msg":"matched certificate in cache","remote_ip":"78.83.53.34","remote_port":"49179","subjects":["www.tritile.com"],"managed":true,"expiration":1726378201,"hash":"f43b6e56b1e69de57ee60a88414bca9e5c629c10504d5b1cc4b622ef75e253a1"}
caddy
18 June 2024 at 10:44 (UTC+3:00)
{"level":"debug","ts":1718696641.3615935,"logger":"events","msg":"event","name":"tls_get_certificate","id":"3189486f-3663-4b1f-9ac6-759876915c20","origin":"tls","data":{"client_hello":{"CipherSuites":[51,103,158,57,107,159,49161,49187,49195,49162,49188,49196,52393,49159,49170,49171,49191,49199,49172,49192,49200,52392,49169,10,47,60,156,53,61,157,5],"ServerName":"","SupportedCurves":[23,24,25],"SupportedPoints":"AA==","SignatureSchemes":[1025,1027,513,515],"SupportedProtos":null,"SupportedVersions":[771,770,769],"RemoteAddr":{"IP":"45.79.218.43","Port":53458,"Zone":""},"LocalAddr":{"IP":"10.0.101.240","Port":443,"Zone":""}}}}
caddy
18 June 2024 at 10:44 (UTC+3:00)
{"level":"debug","ts":1718696641.3616192,"logger":"tls.handshake","msg":"no matching certificates and no custom selection logic","identifier":"10.0.101.240"}
caddy
18 June 2024 at 10:44 (UTC+3:00)
{"level":"debug","ts":1718696641.3616474,"logger":"tls.handshake","msg":"no certificate matching TLS ClientHello","remote_ip":"45.79.218.43","remote_port":"53458","server_name":"","remote":"45.79.218.43:53458","identifier":"10.0.101.240","cipher_suites":[51,103,158,57,107,159,49161,49187,49195,49162,49188,49196,52393,49159,49170,49171,49191,49199,49172,49192,49200,52392,49169,10,47,60,156,53,61,157,5],"cert_cache_fill":0.0003,"load_or_obtain_if_necessary":true,"on_demand":false}
caddy
18 June 2024 at 10:44 (UTC+3:00)
{"level":"debug","ts":1718696641.361692,"logger":"http.stdlib","msg":"http: TLS handshake error from 45.79.218.43:53458: no certificate available for '10.0.101.240'"}

Thanks for replying so quickly!

Now when I try to load that domain, I get a timeout. Are you sure your server is accepting connections on port 80 and 443? Check your firewall config.

1 Like

@francislavoie

I bring down the infrastructure while not being developed to not incur unnecessary costs. I will leave it up, so that you can validate the scenario.

Sorry for the delay.

Seems like it’s down again (or was never up, I don’t know).

Either way, to me it sounds like a networking issue, not a problem with Caddy config. You’ll need to figure that out.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.