1. Caddy version (caddy version
):
v2.1.1 h1:X9k1+ehZPYYrSqBvf/ocUgdLSRIuiNiMo7CvyGUQKeA=
2. How I run Caddy:
caddy run
a. System environment:
Mac os 10.15.5
b. Command:
caddy run
c. Service/unit/compose file:
no file
d. My complete Caddyfile or JSON config:
{
email faradaytrs@gmail.com
experimental_http3
}
(php) {
encode zstd gzip
#php_fastcgi /run/php/php7.4-fpm.sock
php_fastcgi 127.0.0.1:9000
}
(headers) {
header / {
X-Frame-Options SAMEORIGIN
X-XSS-Protection "1; mode=block"
X-Content-Type-Options nosniff
}
}
localhost {
root * "/Users/imax/PhpstormProjects/globus/web"
encode gzip zstd
try_files {path} /index.php?p={path}&{query} /index.php?{query}
php_fastcgi 127.0.0.1:9000
file_server
}
3. The problem I’m having:
Certificate invalid in any browser NET::ERR_CERT_INVALID
4. Error messages and/or full log output:
2020/07/13 03:16:28.393 INFO automigrate beginning one-time data directory migration {“old_dir”: “/Users/imax/.local/share/caddy”, “new_dir”: “/Users/imax/Library/Application Support/Caddy”, “details”: “v2: Honor OS-specific file system storage conventions and migrate all assets to new locations · Issue #2955 · caddyserver/caddy · GitHub”}
2020/07/13 03:16:28.393 ERROR automigrate new data directory already exists; skipping auto-migration as conservative safety measure {“old_dir”: “/Users/imax/.local/share/caddy”, “new_dir”: “/Users/imax/Library/Application Support/Caddy”, “instructions”: “v2: Honor OS-specific file system storage conventions and migrate all assets to new locations · Issue #2955 · caddyserver/caddy · GitHub”}
2020/07/13 03:16:28.393 INFO using adjacent Caddyfile
2020/07/13 03:16:28.399 INFO admin admin endpoint started {“address”: “tcp/localhost:2019”, “enforce_origin”: false, “origins”: [“localhost:2019”, “[::1]:2019”, “127.0.0.1:2019”]}
2020/07/13 03:16:28.399 INFO http enabling automatic HTTP->HTTPS redirects {“server_name”: “srv1”}
2020/07/13 03:16:28.399 INFO http server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS {“server_name”: “srv0”, “https_port”: 443}
2020/07/13 03:16:28.399 INFO http enabling automatic HTTP->HTTPS redirects {“server_name”: “srv0”}
2020/07/13 11:16:28 [INFO][cache:0xc00007c240] Started certificate maintenance routine
2020/07/13 03:16:28.407 INFO tls setting internal issuer for automation policy that has only internal subjects but no issuer configured {“subjects”: [“localhost”]}
2020/07/13 03:16:28.409 INFO tls cleaned up storage units
2020/07/13 03:16:28.487 INFO pki.ca.local root certificate is already trusted by system {“path”: “storage:pki/authorities/local/root.crt”}
2020/07/13 03:16:28.487 INFO pki intermediate expires soon; renewing {“ca”: “local”, “time_remaining”: 9648.512764}
2020/07/13 03:16:28.489 INFO pki renewed intermediate {“ca”: “local”, “new_expiration”: “2020/07/20 03:16:28.000”}
2020/07/13 03:16:28.489 INFO http enabling experimental HTTP/3 listener {“addr”: “:443”}
2020/07/13 03:16:28.489 INFO http enabling experimental HTTP/3 listener {“addr”: “:3010”}
2020/07/13 03:16:28.489 INFO http enabling automatic TLS certificate management {“domains”: [“localhost”]}
2020/07/13 11:16:28 [WARNING] Stapling OCSP: no OCSP stapling for [localhost]: no OCSP server specified in certificate
2020/07/13 03:16:28.498 INFO autosaved config {“file”: “/Users/imax/Library/Application Support/Caddy/autosave.json”}
2020/07/13 03:16:28.498 INFO serving initial configuration
2020/07/13 11:16:28 [INFO][localhost] Renew certificate; acquiring lock…
2020/07/13 11:16:28 [INFO][localhost] Renew: Lock acquired; proceeding…
2020/07/13 11:16:28 [INFO][localhost] Renew: -55h15m15.501363s remaining
2020/07/13 11:16:28 [INFO][localhost] Certificate renewed successfully
2020/07/13 11:16:28 [INFO][localhost] Renew: Releasing lock
2020/07/13 11:16:28 [INFO] Reloading managed certificate for [localhost]
2020/07/13 11:16:28 [WARNING] Stapling OCSP: no OCSP stapling for [localhost]: no OCSP server specified in certificate
2020/07/13 11:16:28 [INFO] Replaced certificate in cache for [localhost] (new expiration date: 2020-07-13 15:16:28)
2020/07/13 11:16:38 http: TLS handshake error from [::1]:64273: remote error: tls: unknown certificate
2020/07/13 11:16:39 http: TLS handshake error from [::1]:64291: remote error: tls: unknown certificate
2020/07/13 11:16:44 http: TLS handshake error from [::1]:64303: remote error: tls: unknown certificate
2020/07/13 11:16:48 http: TLS handshake error from [::1]:64308: remote error: tls: unknown certificate