1. Caddy version (caddy version):
2.3
2. How I run Caddy:
Windows 10, cmd, run caddy from C:\Caddy
a. System environment:
Windows 10
b. Command:
caddy run
c. Service/unit/compose file:
paste full file contents here
d. My complete Caddyfile or JSON config:
Caddyfile as below, based on this guide - https://forum.jellyfin.org/t/simpleton-guide-for-remote-access/2707/2
chryma.ddns.net:80 {
	respond ":-P" 403
}
chryma.ddns.net:443 {
	respond ":-P" 403
}
chryma.ddns.net:1337 {
	reverse_proxy 127.0.0.1:8096
}
3. The problem I’m having:
I’m doing caddy run and it just keeps failing verification.
4. Error messages and/or full log output:
C:\Caddy>caddy run
2021/03/04 20:19:28.582 ←[34mINFO←[0m using adjacent Caddyfile
2021/03/04 20:19:28.587 ←[34mINFO←[0m admin admin endpoint started {"address": "tcp/localhost:2019", "enforce_origin": false, "origins": ["localhost:2019", "[::1]:2019", "127.0.0.1:2019"]}
2021/03/04 20:19:28.587 ←[34mINFO←[0m tls.cache.maintenance started background certificate maintenance {"cache": "0xc00032e380"}
2021/03/04 20:19:28.588 ←[34mINFO←[0m http enabling automatic HTTP->HTTPS redirects {"server_name": "srv0"}
2021/03/04 20:19:28.588 ←[34mINFO←[0m http server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS {"server_name": "srv1", "https_port": 443}
2021/03/04 20:19:28.588 ←[34mINFO←[0m http enabling automatic HTTP->HTTPS redirects {"server_name": "srv1"}
2021/03/04 20:19:28.588 ←[34mINFO←[0m http server is listening only on the HTTP port, so no automatic HTTPS will be applied to this server {"server_name": "srv2", "http_port": 80}
2021/03/04 20:19:28.588 ←[33mWARN←[0m http user server is listening on same interface as automatic HTTP->HTTPS redirects; user-configured routes might override these redirects {"server_name": "srv2", "interface": "tcp/:80"}
2021/03/04 20:19:28.588 ←[34mINFO←[0m http enabling automatic TLS certificate management {"domains": ["chryma.ddns.net"]}
2021/03/04 20:19:28.589 ←[34mINFO←[0m tls cleaned up storage units
2021/03/04 20:19:28.590 ←[34mINFO←[0m autosaved config {"file": "C:\\Users\\USER\\AppData\\Roaming\\Caddy\\autosave.json"}
2021/03/04 20:19:28.590 ←[34mINFO←[0m serving initial configuration
2021/03/04 20:19:28.596 ←[34mINFO←[0m tls.obtain acquiring lock {"identifier": "chryma.ddns.net"}
2021/03/04 20:19:28.602 ←[34mINFO←[0m tls.obtain lock acquired {"identifier": "chryma.ddns.net"}
2021/03/04 20:19:28.610 ←[34mINFO←[0m tls.issuance.acme waiting on internal rate limiter {"identifiers": ["chryma.ddns.net"]}
2021/03/04 20:19:28.610 ←[34mINFO←[0m tls.issuance.acme done waiting on internal rate limiter {"identifiers": ["chryma.ddns.net"]}
2021/03/04 20:19:30.074 ←[34mINFO←[0m tls.issuance.acme waiting on internal rate limiter {"identifiers": ["chryma.ddns.net"]}
2021/03/04 20:19:30.074 ←[34mINFO←[0m tls.issuance.acme done waiting on internal rate limiter {"identifiers": ["chryma.ddns.net"]}
2021/03/04 20:19:31.991 ←[34mINFO←[0m tls.issuance.acme.acme_client trying to solve challenge {"identifier": "chryma.ddns.net", "challenge_type": "http-01", "ca": "https://acme.zerossl.com/v2/DV90"}
2021/03/04 20:24:32.980 ←[31mERROR←[0m tls.obtain will retry {"error": "[chryma.ddns.net] Obtain: [chryma.ddns.net] solving challenges: [chryma.ddns.net] authorization took too long (order=https://acme.zerossl.com/v2/DV90/order/dUToEX3accvF1Fl2A2KuRA) (ca=https://acme.zerossl.com/v2/DV90)", "attempt": 1, "retrying_in": 60, "elapsed": 304.3774345, "max_duration": 2592000}
2021/03/04 20:25:34.469 ←[34mINFO←[0m tls.issuance.acme.acme_client trying to solve challenge {"identifier": "chryma.ddns.net", "challenge_type": "http-01", "ca": "https://acme-staging-v02.api.letsencrypt.org/directory"}
2021/03/04 20:25:45.205 ←[31mERROR←[0m tls.issuance.acme.acme_client challenge failed {"identifier": "chryma.ddns.net", "challenge_type": "http-01", "status_code": 400, "problem_type": "urn:ietf:params:acme:error:connection", "error": "Fetching http://chryma.ddns.net/.well-known/acme-challenge/D8Anxv3jGmukjdAQk8Am4GNprR1tR3m8Fs1uOwLBG_U: Timeout during connect (likely firewall problem)"}
2021/03/04 20:25:45.205 ←[31mERROR←[0m tls.issuance.acme.acme_client validating authorization {"identifier": "chryma.ddns.net", "error": "authorization failed: HTTP 400 urn:ietf:params:acme:error:connection - Fetching http://chryma.ddns.net/.well-known/acme-challenge/D8Anxv3jGmukjdAQk8Am4GNprR1tR3m8Fs1uOwLBG_U: Timeout during connect (likely firewall problem)", "order": "https://acme-staging-v02.api.letsencrypt.org/acme/order/18397780/1748364", "attempt": 1, "max_attempts": 3}
2021/03/04 20:25:46.640 ←[34mINFO←[0m tls.issuance.acme.acme_client trying to solve challenge {"identifier": "chryma.ddns.net", "challenge_type": "tls-alpn-01", "ca": "https://acme-staging-v02.api.letsencrypt.org/directory"}
2021/03/04 20:25:56.913 ←[31mERROR←[0m tls.issuance.acme.acme_client challenge failed {"identifier": "chryma.ddns.net", "challenge_type": "tls-alpn-01", "status_code": 400, "problem_type": "urn:ietf:params:acme:error:connection", "error": "Timeout during connect (likely firewall problem)"}
2021/03/04 20:25:56.913 ←[31mERROR←[0m tls.issuance.acme.acme_client validating authorization {"identifier": "chryma.ddns.net", "error": "authorization failed: HTTP 400 urn:ietf:params:acme:error:connection - Timeout during connect (likely firewall problem)", "order": "https://acme-staging-v02.api.letsencrypt.org/acme/order/18397780/1748505", "attempt": 2, "max_attempts": 3}
2021/03/04 20:26:00.585 ←[34mINFO←[0m tls.issuance.acme.acme_client trying to solve challenge {"identifier": "chryma.ddns.net", "challenge_type": "http-01", "ca": "https://acme.zerossl.com/v2/DV90"}
5. What I already tried:
I’ve looked all over the forums etc., forwarded the ports on my router as per the above guide, opened 80 and 443 on my Windows firewall, and also disabled the Windows firewall altogether; still getting the same issues.
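One way to triage a log like the one above, added here as an example and not part of the original post or of Caddy: it strips the colour codes that cmd.exe prints literally, parses the JSON fields of each `challenge failed` line, and reports which inbound ports the CA could not connect to. The function names, the `SAMPLE` lines and the `host.example` name are constructed for illustration.

```python
import json
import re

# Inbound port the CA connects to for each ACME challenge type (RFC 8555, RFC 8737).
CHALLENGE_PORT = {"http-01": 80, "tls-alpn-01": 443}
CONNECTION_ERROR = "urn:ietf:params:acme:error:connection"

# Real ANSI colour codes, plus the "←[34m" form cmd.exe prints when it cannot render them.
ANSI = re.compile(r"(?:\x1b|←)\[[0-9;]*m")

# Constructed sample in the log format from the post; the host name is a placeholder.
SAMPLE = "\n".join([
    '2021/03/04 20:25:34.469 ←[34mINFO←[0m tls.issuance.acme.acme_client trying to solve challenge {"identifier": "host.example", "challenge_type": "http-01"}',
    '2021/03/04 20:25:45.205 ←[31mERROR←[0m tls.issuance.acme.acme_client challenge failed {"identifier": "host.example", "challenge_type": "http-01", "status_code": 400, "problem_type": "urn:ietf:params:acme:error:connection", "error": "Timeout during connect (likely firewall problem)"}',
    '2021/03/04 20:25:56.913 ←[31mERROR←[0m tls.issuance.acme.acme_client challenge failed {"identifier": "host.example", "challenge_type": "tls-alpn-01", "status_code": 400, "problem_type": "urn:ietf:params:acme:error:connection", "error": "Timeout during connect (likely firewall problem)"}',
    '2021/03/04 20:25:56.913 ←[31mERROR←[0m tls.issuance.acme.acme_client validating authorization {"identifier": "host.example", "error": "authorization failed", "attempt": 2, "max_attempts": 3}',
])


def failed_challenges(log_text):
    """Map each failed challenge type to its port, failure count and ACME problem types."""
    summary = {}
    for raw in log_text.splitlines():
        head, brace, tail = ANSI.sub("", raw).partition("{")
        if "ERROR" not in head.split() or not head.rstrip().endswith("challenge failed"):
            continue
        try:
            fields = json.loads(brace + tail)
        except json.JSONDecodeError:
            continue  # truncated or wrapped line: skip rather than guess
        ctype = fields.get("challenge_type", "unknown")
        entry = summary.setdefault(
            ctype, {"port": CHALLENGE_PORT.get(ctype), "count": 0, "problems": set()})
        entry["count"] += 1
        entry["problems"].add(fields.get("problem_type", "unknown"))
    return summary


def unreachable_ports(summary):
    """Ports on which the CA reported it could not connect at all."""
    return sorted(e["port"] for e in summary.values()
                  if e["port"] and CONNECTION_ERROR in e["problems"])


if __name__ == "__main__":
    result = failed_challenges(SAMPLE)
    for ctype, entry in result.items():
        print(ctype, entry["port"], entry["count"], sorted(entry["problems"]))
    print("CA could not connect to ports:", unreachable_ports(result))
```

When both 80 and 443 are reported, the CA's validation servers never reached the host on either port, so the place to look is the path from the internet to the machine (router forwarding, ISP filtering, host firewall) rather than the Caddyfile.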