-
explain what you are trying to do,
Require client certificate authentication -
show what you have already tried,
The following config works as expected, client cert is requested when navigating to the URL.
https://example.com:8443 {
tls {
clients /path/to/ca.cert.pem
dns cloudflare
}
proxy /guacamole localip:9000/guacamole {
transparent
without /guacamole
}
}
Removing the :8443 to run on standard SSL port 443 fails to request a client cert. The client browser shows an insecure connection, and the following is logged by caddy.
2018/12/01 00:58:49 http: TLS handshake error from 172.17.0.1:45878: tls: client didn’t provide a certificate
I’ve attempted every variation of the hostname I could think of, with and without preceding https:// and with and without trailing :443.