Net proxy with tls off, continues to try and obtain certificate

Caddy version v1.0.0 (h1:KI6RPGih2GFzWRPG8s9clKK28Ns4ZlVMKR/v7mxq6+c=).

Caddyfile is:

proxy :3306 :3306 {
    tls off

Starting with /usr/local/bin/caddy -log stdout -type=net -conf=/etc/caddy/Caddyfile

Activating privacy features...2019/05/02 22:03:34 [INFO][cache:0xc0000307d0] Started certificate maintenance routine
2019/05/02 22:03:34 [INFO] [] acme: Obtaining bundled SAN certificate
2019/05/02 22:03:35 [] failed to obtain certificate: acme: error: 400 :: POST :: :: urn:ietf:params:acme:error:rejectedIdentifier :: Error creating new order :: Policy forbids issuing for name, url:

Huh? I am explicitly turning tls off.

That’s a very good question!

You may need to ask the server plugin author over at GitHub - pieterlouw/caddy-net: Proxy server type for Caddy server (

The docs definitely communicate that the tls directive is respected.

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.