Hello folks! I’m new to the caddy scene so I’m looking for some help.
I have Caddy .11 installed on Ubuntu 16.04. I am successfully using Caddy to reverse proxy to several sites I have behind my router on several VMs. There are all not using HTTPS on their end, (HTTP traffic locally). I have a site that is https://IP-of-server. Is it possible to get this site proxied? Even if it was just using the self-signed and not the LetsEncrypt, that’s do-able; although I would prefer the LetsEncrypt cert.
The insecure_skip_verify will tell Caddy not to validate the server’s certificate against a trusted authority (which naturally isn’t feasible for a self-signed certificate).
You can run it from the command line. Optionally change the line to errors stdout (for convenience), run caddy -log stdout -conf /path/to/Caddyfile in one terminal, and curl -I https://example.net/ in another terminal. Paste the output from the Caddy terminal here.
I’d suspect browser caching? The upstream server is returning a zero-length body with a valid status, so Caddy should be giving you exactly that - no body, blank page, and while I’m not familiar with NTLM, maybe a browser prompt?
Alright, so yeah. I opened incognito and I get my login prompt. However login passes but nothing is returned. Not sure if that could be looked at here or if that is something else I need to look into.
Knowing personally that my knowledge of NTLM is wanting, if it were me, I’d look there first to determine exactly what it requires. If it’s not an auth-specific problem… I’d be a bit stumped. Generally the proxy is pretty faithful - everything you send goes upstream, everything coming back makes it to your client.
I tried changing it back to http1.1 as stated here: https://github.com/mholt/caddy/pull/1389 but when I restart caddy, it doesn’t understand the directive http2, can you help?
I’ve had passing experience with it. It can auth against LDAP, so if you’re a Microsoft shop, that might suffice… But I think you’d have to remove the auth from the upstream server anyway.