Port 443 is already in use?

1. Caddy version (caddy version):

v2.3.0

2. How I run Caddy:

a. System environment:

Debian 10.

b. Command:

From user (not root):

sudo caddy start

d. My complete Caddyfile or JSON config:

3. The problem I’m having:

EDIT: I resolved the installation problem. I have a different problem now.

EDIT 2: sorry, I am editing again as the service seems to be running for now.

I installed Caddy on Debian 10 using the instructions found here: https://caddyserver.com/docs/install

Now this is all new to me; it’s the first time I’ve played with a server, and I am only trying to get a simple static website to work.

4. Error messages and/or full log output:

2021/04/30 16:56:09.279	INFO	using adjacent Caddyfile
2021/04/30 16:56:09.280	INFO	admin	admin endpoint started	{"address": "tcp/0.0.0.0:2021", "enforce_origin": false, "origins": ["0.0.0.0:2021"]}
2021/04/30 16:56:09.280	WARN	admin	admin endpoint on open interface; host checking disabled	{"address": "tcp/0.0.0.0:2021"}
2021/04/30 16:56:09.281	INFO	http	server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS	{"server_name": "srv0", "https_port": 443}
2021/04/30 16:56:09.281	INFO	http	enabling automatic HTTP->HTTPS redirects	{"server_name": "srv0"}
run: loading initial config: loading new config: http app module: start: tcp: listening on :443: listen tcp :443: bind: address already in use
start: caddy process exited with error: exit status 1

5. What I already tried:

So I had a problem with the service that I resolved by adding to my Caddyfile:

{
admin 0.0.0.0:2020
}

This allowed the service to run fine, but when I do sudo caddy start I get an error on 2020, so I changed to:

{
admin 0.0.0.0:2021
}

Now I get a new error as above, i.e. 443 already in use.

This is the output of sudo netstat -tulpn | grep 443:

tcp6       0      0 :::443                  :::*                    LISTEN      4326/caddy   

Output of ps aux | grep caddy:

caddy     4326  0.0  1.9 736344 38852 ?        Ssl  18:51   0:00 /usr/bin/caddy run --environ --config /etc/caddy/Caddyfile

Now I am truly stuck.

Sorry for the many edits. I feel like I am digging my grave deeper. Is there a clean solution to this mess?

Please be kind, I’m a real noob! Any help would be greatly appreciated. 🙂

6. Links to relevant resources:

https://caddyserver.com/docs/install

When installed with the Debian repo, Caddy is set up to run as a systemd service. This means that it runs an instance of Caddy for you automatically. If you try to run a second one, they will conflict.

Instead of using sudo caddy start, you should use the sudo service caddy <action> commands to control Caddy. Your configuration file is found in /etc/caddy/Caddyfile. To reload your config after making changes, run sudo service caddy reload. To see the logs, run journalctl -u caddy --no-pager | less.

2 Likes
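
The two problems visible in the posted log, checked mechanically. This is an added example, not code from the thread or the Caddy project; the function names are hypothetical and the sample log is constructed from the lines in the question. It flags an admin endpoint bound to a non-loopback address (the `admin 0.0.0.0:2021` workaround puts Caddy's config API on every interface) and the port conflict caused by starting a second instance.

```shell
# Added example, not Caddy project code; function names are hypothetical.

# Read Caddy log lines on stdin and print one finding per line.
audit_caddy_log() {
  awk '
    /admin endpoint on open interface/ {
      if (match($0, /"address": *"[^"]*"/)) {
        a = substr($0, RSTART, RLENGTH)
        sub(/^"address": *"/, "", a); sub(/"$/, "", a)
        print "ADMIN_EXPOSED " a
      }
    }
    /bind: address already in use/ {
      if (match($0, /listen tcp [^ ]*:[0-9]+/)) {
        p = substr($0, RSTART, RLENGTH)
        sub(/^.*:/, "", p)
        print "PORT_IN_USE " p
      }
    }'
}

# Print the address of the `admin` global option from a Caddyfile on stdin.
# The global options block is the first block and starts with a bare "{".
caddyfile_admin_addr() {
  awk '
    /^[ \t]*(#|$)/ { next }
    !seen { seen = 1; if ($1 == "{" && NF == 1) { g = 1; next } else { exit } }
    g && $1 == "}" { exit }
    g && $1 == "admin" && NF >= 2 && $2 != "{" { print $2; exit }'
}

# Succeed only if the admin address is not reachable from other hosts.
admin_bind_is_local() {
  addr=${1#tcp/}
  case $addr in off|unix/*) return 0 ;; esac
  host=${addr%:*}
  case $host in
    localhost|127.*|'[::1]') return 0 ;;
    *) return 1 ;;   # 0.0.0.0, an empty host (":2021"), any routable address
  esac
}

# Constructed sample, modelled on the log lines posted in the question.
sample_log='2021/04/30 16:56:09.280 WARN admin admin endpoint on open interface; host checking disabled {"address": "tcp/0.0.0.0:2021"}
run: loading initial config: loading new config: http app module: start: tcp: listening on :443: listen tcp :443: bind: address already in use'

printf '%s\n' "$sample_log" | audit_caddy_log
```

On a live host the same functions can be fed from `journalctl -u caddy --no-pager` and `/etc/caddy/Caddyfile`, the log command and config path given in the answer above.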

Thank you! Caddy is running fine now. I removed admin 0.0.0.0:2021.

Now instead of the server being down, on my browser I get the message: “The page isn’t redirecting properly”.

My Caddyfile is:

www.mysite.com {
  redir https://mysite.com{uri}
}
mysite.com {
  root * /home/user/www/mysite.com
  file_server
}

I spent quite some time researching how to set up a Caddyfile and I don’t see anything wrong. Would you be able to help me?

That does look fine. What’s in your logs? How does it look if you make the request with curl -v https://example.com?

1 Like

Thanks! This is what I get with that command. I am using Cloudflare.

$ curl -v https://DOMAIN.com
* Expire in 0 ms for 6 (transfer 0x556f33233fb0)
ABOUT 140 LINES LIKE THESE
* Expire in 12 ms for 1 (transfer 0x556f33233fb0)
*   Trying IPADDRESS...
* TCP_NODELAY set
* Expire in 149980 ms for 3 (transfer 0x556f33233fb0)
* Expire in 200 ms for 4 (transfer 0x556f33233fb0)
* Connected to DOMAIN.com (172.67.221.188) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: none
  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use h2
* Server certificate:
*  subject: C=US; ST=California; L=San Francisco; O=Cloudflare, Inc.; CN=sni.cloudflaressl.com
*  start date: Apr 30 00:00:00 2021 GMT
*  expire date: Apr 29 23:59:59 2022 GMT
*  subjectAltName: host "DOMAIN.com" matched cert's "DOMAIN.com"
*  issuer: C=US; O=Cloudflare, Inc.; CN=Cloudflare Inc ECC CA-3
*  SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x556f33233fb0)
> GET / HTTP/2
> Host: DOMAIN.com
> User-Agent: curl/7.64.0
> Accept: */*
> 
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
* Connection state changed (MAX_CONCURRENT_STREAMS == 256)!
< HTTP/2 308 
< date: Sat, 01 May 2021 17:37:24 GMT
< content-length: 0
< set-cookie: __cfduid=dff2e99f1deb1516b512b77d9f5431b361619890644; expires=Mon, 31-May-21 17:37:24 GMT; path=/; domain=.DOMAIN.com; HttpOnly; SameSite=Lax
< location: https://DOMAIN.com/
< cf-cache-status: DYNAMIC
< cf-request-id: 09ca9abc5500004c80bc8c3000000001
< expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
< report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xbZTU1zRIlA3T0f6ZeWv5UMd6aOBndfwegwVWIfttGIDCbNUDTyxgsrtOth6K%2F73XwNMJQP62rGiGWsJKn70eDK2ZmSuVu053mGaph%2F38Miz"}]}
< nel: {"report_to":"cf-nel","max_age":604800}
< server: cloudflare
< cf-ray: 648ac70d58954c80-AMS
< alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
< 
* Connection #0 to host DOMAIN.com left intact

If I put the IP address directly in the bar I get this error.

Secure Connection Failed

An error occurred during a connection to IPADDRESS. Peer reports it experienced an internal error.

Error code: SSL_ERROR_INTERNAL_ERROR_ALERT

    The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
    Please contact the website owners to inform them of this problem.

Well there you go, the request isn’t reaching Caddy because you have Cloudflare in front.
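
How to read the posted `curl -v` output mechanically, as an added example that is not part of the thread (`check_redirect` is a hypothetical helper; the sample is a constructed excerpt of the posted response). It reports a 3xx response whose `location` is the URL that was just requested, which is what a browser shows as "isn't redirecting properly", together with the `server` header of the hop that answered.

```shell
# Added example (hypothetical helper, not from the thread).
# Reads `curl -v` output on stdin and compares the response with the
# URL that was requested ($1).
check_redirect() {
  awk -v url="$1" '
    function norm(u) {
      # "https://host" and "https://host/" name the same resource
      if (u ~ "^https?://[^/]+$") u = u "/"
      return u
    }
    { sub(/\r$/, "") }                       # header lines end in CRLF
    $1 == "<" && $2 ~ /^HTTP\//             { status = $3 }
    $1 == "<" && tolower($2) == "location:" { loc = $3 }
    $1 == "<" && tolower($2) == "server:"   { srv = $3 }
    END {
      if (status ~ /^3/ && norm(loc) == norm(url)) {
        print "SELF_REDIRECT status=" status " answered_by=" srv
      } else if (status ~ /^3/) {
        print "REDIRECT status=" status " to=" loc
      } else {
        print "NO_REDIRECT status=" status
      }
    }'
}

# Constructed excerpt of the response posted above.
sample_curl='> GET / HTTP/2
> Host: DOMAIN.com
< HTTP/2 308 
< location: https://DOMAIN.com/
< server: cloudflare'

printf '%s\n' "$sample_curl" | check_redirect https://DOMAIN.com
```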

What do you mean? I can’t use Caddy with Cloudflare?

Edit: Omg it worked! I followed this, I’m leaving the link for people who encounter the same problem.

https://community.cloudflare.com/t/the-page-isn-t-redirecting-properly/151245/2

1 Like
