1. Caddy version (caddy version):
v2.4.6 h1:HGkGICFGvyrodcqOOclHKfvJC0qTU7vny/7FhYp9hNw=
2. How I run Caddy:
caddy run
a. System environment:
NAME="Ubuntu"
VERSION="20.04.3 LTS (Focal Fossa)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 20.04.3 LTS"
VERSION_ID="20.04"
d. My complete Caddyfile or JSON config:
(proxy_upstream) {
    # Enable access logging to STDOUT
    log
    reverse_proxy https://BACKEND.com {
        header_up Host {upstream_hostport}
        header_up X-Forwarded-Host {host}
        transport http {
            #tls_insecure_skip_verify
            compression off
        }
    }
}
https://FRONEND.com {
    tls internal {
        client_auth {
            mode require
            trusted_leaf_cert_file /path/to/client.pem
        }
    }
    import proxy_upstream
}
3. The problem I’m having:
I’m trying to use client authentication for my Caddy; if auth is OK, the request is sent to the backend. The request to the backend should not include client authentication; this is only between the client and the Caddy reverse proxy.
I would like to only allow a single client certificate.
4. Error messages and/or full log output:
Never see the inbound request in my stdout log.
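
What "only allow a single client certificate" amounts to at the TLS layer, as an added Go example (not code from the post and not Caddy's implementation): the listener requires a certificate and compares the presented leaf byte-for-byte with the pinned one, without consulting any CA chain. `pinnedLeafConfig`, `newSelfSigned` and `admits` are hypothetical names, the certificates are constructed throwaway samples, and the policy is exercised directly rather than through a network handshake.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// pinnedLeafConfig (hypothetical helper) accepts only the one pinned client leaf; no CA chain is consulted.
func pinnedLeafConfig(pinned *x509.Certificate) *tls.Config {
	return &tls.Config{
		ClientAuth: tls.RequireAnyClientCert, // a certificate is mandatory
		// VerifyConnection runs on full and resumed handshakes alike.
		VerifyConnection: func(cs tls.ConnectionState) error {
			if len(cs.PeerCertificates) == 0 || !bytes.Equal(cs.PeerCertificates[0].Raw, pinned.Raw) {
				return errors.New("client certificate is not the pinned leaf")
			}
			return nil
		},
	}
}

// newSelfSigned returns a constructed, throwaway self-signed certificate.
func newSelfSigned() *x509.Certificate {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), NotAfter: time.Now().Add(time.Hour)}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv)
	leaf, err := x509.ParseCertificate(der) // also fails if creation returned no DER
	if err != nil {
		panic(err)
	}
	return leaf
}

// admits reports whether cfg would accept a client presenting these certificates.
func admits(cfg *tls.Config, presented ...*x509.Certificate) bool {
	return cfg.VerifyConnection(tls.ConnectionState{PeerCertificates: presented}) == nil
}

func main() {
	pinned, other := newSelfSigned(), newSelfSigned()
	cfg := pinnedLeafConfig(pinned)
	fmt.Println(admits(cfg, pinned), admits(cfg, other), admits(cfg)) // true false false
}
```

The pin lives only in the front end's TLS configuration; nothing in it is forwarded, so a proxy built this way would talk to its backend without any client certificate.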