Hello,
I am quite new to Caddy, I only started using it a few days ago. I’m trying to get the following example working:
In my case, my php application that’s running on the centos7 apache server is called LibreNMS:
In my case, my vhost file contains:
$ cat /etc/httpd/conf.d/librenms.conf
Listen 8080
<VirtualHost *:8080>
DocumentRoot /opt/librenms/html/
ServerName librenms.mysite.co.uk
AllowEncodedSlashes NoDecode
<Directory "/opt/librenms/html/">
Require all granted
AllowOverride All
Options FollowSymLinks MultiViews
</Directory>
</VirtualHost>
I then configured https like this:
$ cat /etc/caddy/Caddyfile
librenms.mysite.co.uk {
proxy / librenms.mysite.co.uk:8080
tls {
dns route53
}
}
I’m using the following version of caddy:
$ /usr/bin/caddy -version
Caddy 0.11.0 (non-commercial use only)
In my case, I have added the route53 dns plugin to my caddy binary:
$ /usr/bin/caddy -plugins
Server types:
http
Caddyfile loaders:
short
flag
default
Other plugins:
http.basicauth
http.bind
http.browse
http.errors
http.expvar
http.ext
http.fastcgi
http.gzip
http.header
http.index
http.internal
http.limits
http.log
http.markdown
http.mime
http.pprof
http.proxy
http.push
http.redir
http.request_id
http.rewrite
http.root
http.status
http.templates
http.timeouts
http.websocket
on
tls
tls.dns.route53
tls.storage.file
Then I started caddy by running:
$ /usr/bin/caddy -conf /etc/caddy/Caddyfile -agree -email admin@mysite.co.uk
Activating privacy features... done.
https://librenms.mysite.co.uk
http://librenms.mysite.co.uk
Now when I try to access the website (using google chrome) using http via port 8080, everything looks good:
However when I then try to access the same website via the caddy https proxy, i get:
Basically the website still loads, but it looks like it only partially loaded. Some stuff, e.g. css, appears to have been blocked by google chrome. Also google reports that website is not secure even though a valid letsencrypt certifcate has been installed. I can force google chrome to allow the blocked stuff by clicking on the shield icon, then selecting ‘load unsafe scripts’:
This ends allowing all the blocked stuff, but the website becomes insecure:
Does anyone have any ideas what could be wrong?