I have successfully installed caddy as a reverse proxy for my server, but I can access my website for some reason
```
Jun 01 01:09:47 user caddy[9134]: 2020/06/01 01:09:47 http: TLS handshake error from 111.206.250.235:3013: tls: first record does not look like a TLS handshake
Jun 01 01:09:47 user caddy[9134]: 2020/06/01 01:09:47 http: TLS handshake error from 111.206.250.203:44323: tls: first record does not look like a TLS handshake
Jun 01 01:09:48 user caddy[9134]: 2020/06/01 01:09:48 http: TLS handshake error from 111.206.250.235:56077: no certificate available for ‘ipaddress’
Jun 01 01:09:48 user caddy[9134]: 2020/06/01 01:09:48 http: TLS handshake error from 111.206.250.236:49397: no certificate available for ‘ipaddress’
Jun 01 01:09:49 user caddy[9134]: 2020/06/01 01:09:49 http: TLS handshake error from 111.206.250.203:17159: no certificate available for ‘ipaddress’
Jun 01 01:09:49 user caddy[9134]: 2020/06/01 01:09:49 http: TLS handshake error from 111.206.250.204:57593: no certificate available for ‘ipaddress’
Jun 01 01:09:50 user caddy[9134]: 2020/06/01 01:09:50 http: TLS handshake error from 111.206.250.203:4190: no certificate available for ‘ipaddress’
Jun 01 01:12:08 user caddy[9134]: 2020/06/01 01:12:08 http: TLS handshake error from 103.249.89.27:62517: no certificate available for ‘mydomain.com’
```
I think it can be because of Cloudflare? Should I remove the Cloudflare integration from my website? Or is it something different?
Edit - this is my caddy file
```
:80 :443 {
    reverse_proxy / localhost:8080
    redir 301 {
        if {scheme} not https
        / https://{host}{uri}
    }
}
```
Your Caddyfile doesn’t specify a domain name, so Caddy doesn’t know what certificate to manage.
Simply put your domain name in your site address, as the docs say:
You will see Caddy provision a TLS certificate and serve your site over HTTPS. This was possible because your site’s address in the Caddyfile contained a domain name.
(This concept is in several places – I just picked one.)
Also get rid of the :80 and redir stuff (that’s wrong for v2 anyway). Please refer to the docs for what is correct syntax in v2. And Caddy will do the redirects for you.
Actually, in my web app users can add their custom domain, so when it passes through the proxy they get the SSL. Basically, I want users' custom domains to get SSL.
Path matching is exact in Caddy v2, so if you use / as a matcher, it only matches requests to the root of your site. Remove the / and it will send all requests through the proxy. Omitting a matcher is the same as specifying *, meaning “all requests”.
But I still cannot generate SSL for my custom domain. Domains pointing to my server with a CNAME do not load: “This site can’t provide a secure connection”
Error:
"http","msg":"user server is listening on same interface as automatic HTTP->HTTPS redirects; user-configured routes might override these settings"
"http","msg":"enabling automatic TLS certificate management","domains":["maindomain.com"]}
All errors are the same as this one.
I think this has something to do with TLS on demand and the ask directive. Can someone please help me figure out this issue?
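
The last post points at on-demand TLS and its ask check. As an added example (not code from this thread or from the Caddy project), here is a minimal ask endpoint that approves certificate issuance only for domains the application already knows, so that arbitrary names pointed at the server cannot trigger issuance. It assumes Caddy's documented behaviour of sending a GET request with a `domain` query parameter and treating a 2xx response as approval; the port, path and domain list are constructed for illustration.

```python
import ipaddress
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import parse_qs, urlparse

# Caddy side (v2 Caddyfile), for reference:
#   global option on_demand_tls with:  ask http://127.0.0.1:5555/check
#   site block tls directive with:     on_demand
# Caddy then calls  GET /check?domain=<name>  before obtaining a certificate.

# Constructed sample data; a real app would look the name up in its
# table of customer-registered custom domains.
ALLOWED_DOMAINS = {"maindomain.com", "shop.customer-example.com"}


def normalize(name):
    """Lower-case, drop a trailing dot; None for empty names or IP literals."""
    name = (name or "").strip().lower().rstrip(".")
    if not name:
        return None
    try:
        ipaddress.ip_address(name)
    except ValueError:
        return name  # not an IP address, treat as a hostname
    return None      # IP literal, never a customer domain


def decide(path):
    """Map an ask request path to the HTTP status the endpoint returns."""
    values = parse_qs(urlparse(path).query).get("domain", [])
    if len(values) != 1:
        return 400   # parameter missing, empty or repeated
    name = normalize(values[0])
    if name is None:
        return 400
    return 200 if name in ALLOWED_DOMAINS else 403


class AskHandler(BaseHTTPRequestHandler):
    def do_GET(self):
        self.send_response(decide(self.path))
        self.end_headers()


if __name__ == "__main__":
    # Loopback only: the endpoint is meant for Caddy on the same host.
    HTTPServer(("127.0.0.1", 5555), AskHandler).serve_forever()
```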