if only this certificate business was easy 
We’re back to the signed by unknown authority issue for <ext_domain>/api/test
Caddyfile
liveliteandwell.com {
log
@cel_backend_node <<CEL
({method} == "GET" || {method} == "POST")
&& {path}.startsWith("/api/")
CEL
route {
# Backend Node
reverse_proxy @cel_backend_node rp-tailscale.esco.ghaar:8443 {
transport http {
#tls_insecure_skip_verify
tls_trust_pool file {
pem_file /opt/caddy/certificates/ldap_acme_root_ca.crt
}
}
}
# react router app
handle_path / {
root * /tmp/build
try_files {path} /index.html
file_server
}
respond 404
}
Jun 18 07:16:44 rp-tailscale caddy[123948]: {"level":"debug","ts":1718720204.0519593,"logger":"http.handlers.reverse_proxy","msg":"selected upstream","dial":"rp-tailscale.esco.ghaar:8443","total_upstreams":1}
Jun 18 07:16:44 rp-tailscale caddy[123948]: {"level":"debug","ts":1718720204.064225,"logger":"http.handlers.reverse_proxy","msg":"upstream roundtrip","upstream":"rp-tailscale.esco.ghaar:8443","duration":0.012178359,"request":{"remote_ip":"192.168.0.28","remote_port":"50249","client_ip":"192.168.0.28","proto":"HTTP/2.0","method":"GET","host":"liveliteandwell.com","uri":"/api/login","headers":{"X-Forwarded-Proto":["https"],"X-Forwarded-Host":["liveliteandwell.com"],"User-Agent":["curl/8.4.0"],"Accept":["*/*"],"X-Forwarded-For":["192.168.0.28"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h2","server_name":"liveliteandwell.com"}},"error":"tls: failed to verify certificate: x509: certificate signed by unknown authority"}
Jun 18 07:16:44 rp-tailscale caddy[123948]: {"level":"debug","ts":1718720204.0643835,"logger":"http.log.error","msg":"tls: failed to verify certificate: x509: certificate signed by unknown authority","request":{"remote_ip":"192.168.0.28","remote_port":"50249","client_ip":"192.168.0.28","proto":"HTTP/2.0","method":"GET","host":"liveliteandwell.com","uri":"/api/login","headers":{"User-Agent":["curl/8.4.0"],"Accept":["*/*"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h2","server_name":"liveliteandwell.com"}},"duration":0.012525927,"status":502,"err_id":"acvuw1w2d","err_trace":"reverseproxy.statusError (reverseproxy.go:1269)"}
Jun 18 07:16:44 rp-tailscale caddy[123948]: {"level":"error","ts":1718720204.0644145,"logger":"http.log.access","msg":"handled request","request":{"remote_ip":"192.168.0.28","remote_port":"50249","client_ip":"192.168.0.28","proto":"HTTP/2.0","method":"GET","host":"liveliteandwell.com","uri":"/api/login","headers":{"User-Agent":["curl/8.4.0"],"Accept":["*/*"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h2","server_name":"liveliteandwell.com"}},"bytes_read":0,"user_id":"","duration":0.012525927,"size":15,"status":502,"resp_headers":{"Server":["Caddy"],"Alt-Svc":["h3=\":443\"; ma=2592000"],"Content-Type":["text/plain; charset=utf-8"]}}