I have the following Caddyfile:
fistbump.io:80 {
    tls off
    redir 301 {
        if {scheme} is http
        / https://fistbump.io{uri}
    }
    root /home/cloud/app/public
    gzip
    fastcgi / 127.0.0.1:9000 php
    limits {
        body 50mb
    }
    rewrite {
        to {path} {path}/ /index.php?{query}
    }
}

fistbump.io:443 {
    tls {
        max_certs 1
    }
    redir 301 {
        if {scheme} is http
        / https://fistbump.io{uri}
    }
    root /home/cloud/app/public
    gzip
    fastcgi / 127.0.0.1:9000 php
    limits {
        body 50mb
    }
    rewrite {
        to {path} {path}/ /index.php?{query}
    }
}

www.fistbump.io:80 {
    tls off
    redir 301 {
        / https://fistbump.io{uri}
    }
}

www.fistbump.io:443 {
    tls {
        max_certs 1
    }
    redir 301 {
        / https://fistbump.io{uri}
    }
}
The on-demand SSL is working great for the naked “fistbump.io” domain; however, I get a handshake error when typing https://www.fistbump.io into my browser:
2017/06/19 14:26:23 http: TLS handshake error from 162.158.78.172:22682: [www.fistbump.io] failed to get certificate: acme: Error 400 - urn:acme:error:tls - remote error: tls: handshake failure
Error Detail:
Validation for www.fistbump.io:443
Resolved to:
104.24.115.140
104.24.114.140
2400:cb00:2048:1::6818:728c
2400:cb00:2048:1::6818:738c
Used: 104.24.115.140
However, what confuses me is that my DNS is all managed through Cloudflare and those are the exact same IPs used by the naked domain, so it should be resolving fine.
Is there something wrong with my configuration I am missing?