This part in particular is the problem. {host} here resolves to example.com:8080, so when Caddy issues that redirect, the client is going to try connect to https://example.com:8080/ (which, as we know, is a HTTP listener).
Change {host} to {hostonly} to give the hostname without the port information and redirect the client to https://example.com/ instead.
thanks, i changed caddy config file according to what you said, but still broswer tried to open https://example.com:8080/ getting error from browser that said:
This site can’t provide a secure connection
**example.com** sent an invalid response.
* [Try running Windows Network Diagnostics](javascript:diagnoseErrors()).
ERR_SSL_PROTOCOL_ERROR
Try browsing to http://bisimapp.com:8080 instead of https://bisimapp.com:8080. You should then be redirected to https://bisimapp.com/ (which should connect over port 443, as the default for HTTPS).
It’s impossible to run HTTP and HTTPS on the same port.
ok thanks, it is working now (i changed my browser maybe because of cache).
another question i sent a post request to http://example.com:8080/api/test
but it return me Cannot GET /api/test is it because of redirect? so how to solve in this situation or maybe i should changed from redirect to proxy / https://{hostonly}{uri}
Ahh, you beat me by about a second! Glad to hear it’s working.
As for the other question, this StackExchange post will likely be a good resource:
In essence, a 301 redirected POST becomes a GET. You can issue a different status - 308 - to indicate a permanent redirect that should remain as a POST request. I’d highly suggest reading further into the “potential for abuse” elaborated on in that StackExchange post before going ahead, though.
your help is amazing, but i’m newbie to caddy and my web service is down and my boss want kill me so security is not matter at this time.
how can do this in caddy according to what you said?
No worries! You’d just specify the status code explicitly in the redir directive. You can’t use the shorthand redir [target], though, you have to type out the full form. It looks like this: