Reverse-proxy configuration

Ualas_Rohrer · October 27, 2021, 11:28pm

1. Caddy version (`caddy version`):

v2.4.5

2. How I run Caddy:

a. System environment:

Ubuntu 18

b. Command:

sudo caddy reverse-proxy --from experiencebuilder.spatialstudieslab.org --to localhost:3001

d. My complete Caddyfile or JSON config:

experiencebuilder.spatialstudieslab.org {
        reverse_proxy :3001
}

3. The problem I’m having:

Hello, I’m having a hard time trying to config Caddy to work as a reverse-proxy. I’m wondering if anyone could help me?

I have a webserver running at https://experiencebuilder.spatialstudieslab.org:3001/ and would like it to be available at https://experiencebuilder.spatialstudieslab.org with HTTPS.

4. Error messages and/or full log output:

2021/10/27 23:21:17.641 ERROR   http.log.error  EOF     {"request": {"remote_addr": "73.206.116.144:53892", "proto": "HTTP/2.0", "method": "GET", "host": "experiencebuilder.spatialstudieslab.org", "uri": "/", "headers": {"Sec-Fetch-Mode": ["cors"], "Sec-Fetch-Dest": ["empty"], "Accept-Encoding": ["gzip, deflate, br"], "Accept-Language": ["en-US,en;q=0.9,pt-BR;q=0.8,pt;q=0.7"], "Cache-Control": ["max-age=0"], "User-Agent": ["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36"], "Accept": ["*/*"], "Sec-Fetch-Site": ["none"]}, "tls": {"resumed": true, "version": 772, "cipher_suite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "experiencebuilder.spatialstudieslab.org"}}, "duration": 0.001086713, "status": 502, "err_id": "frydymv1p", "err_trace": "reverseproxy.statusError (reverseproxy.go:858)"}

5. What I already tried:

I have tried all sorts of CadyFile configs and caddy reverse-proxy --from --to commands.

francislavoie · October 28, 2021, 1:38am

Seems like Caddy isn’t able to connect to your app.

Please turn on debug mode by adding this at the top of your Caddyfile:

{
	debug
}

Please also post your full logs. I assume you’re running Caddy as a systemd service (you didn’t fill out the section of the help topic template that asks how you installed or run Caddy), you can follow the instructions here to get your logs:

Ualas_Rohrer · October 28, 2021, 1:59am

Thanks for your reply @francislavoie. I have been trying to run Caddy as a service and by command line.

Find attached my log with debug activated.

Oct 28 01:55:48 ip-172-31-52-244 caddy[6758]: runtime.GOOS=linux
Oct 28 01:55:48 ip-172-31-52-244 caddy[6758]: runtime.GOARCH=amd64
Oct 28 01:55:48 ip-172-31-52-244 caddy[6758]: runtime.Compiler=gc
Oct 28 01:55:48 ip-172-31-52-244 caddy[6758]: runtime.NumCPU=1
Oct 28 01:55:48 ip-172-31-52-244 caddy[6758]: runtime.GOMAXPROCS=1
Oct 28 01:55:48 ip-172-31-52-244 caddy[6758]: runtime.Version=go1.17
Oct 28 01:55:48 ip-172-31-52-244 caddy[6758]: os.Getwd=/
Oct 28 01:55:48 ip-172-31-52-244 caddy[6758]: LANG=C.UTF-8
Oct 28 01:55:48 ip-172-31-52-244 caddy[6758]: PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin
Oct 28 01:55:48 ip-172-31-52-244 caddy[6758]: NOTIFY_SOCKET=/run/systemd/notify
Oct 28 01:55:48 ip-172-31-52-244 caddy[6758]: HOME=/var/lib/caddy
Oct 28 01:55:48 ip-172-31-52-244 caddy[6758]: LOGNAME=caddy
Oct 28 01:55:48 ip-172-31-52-244 caddy[6758]: USER=caddy
Oct 28 01:55:48 ip-172-31-52-244 caddy[6758]: INVOCATION_ID=6d461c0a74c9451bb38b9ecc3781fa97
Oct 28 01:55:48 ip-172-31-52-244 caddy[6758]: JOURNAL_STREAM=9:53990
Oct 28 01:55:48 ip-172-31-52-244 caddy[6758]: {"level":"info","ts":1635386148.6151402,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":""}
Oct 28 01:55:48 ip-172-31-52-244 caddy[6758]: {"level":"warn","ts":1635386148.618561,"msg":"input is not formatted with 'caddy fmt'","adapter":"caddyfile","file":"/etc/caddy/Caddyfile","line":12}
Oct 28 01:55:48 ip-172-31-52-244 caddy[6758]: {"level":"info","ts":1635386148.6228662,"logger":"admin","msg":"admin endpoint started","address":"tcp/localhost:2019","enforce_origin":false,"origins":["localhost:2019","[::1]:2019","127.0.0.1:2019"]}
Oct 28 01:55:48 ip-172-31-52-244 caddy[6758]: {"level":"info","ts":1635386148.6231546,"logger":"http","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv0","https_port":443}
Oct 28 01:55:48 ip-172-31-52-244 caddy[6758]: {"level":"info","ts":1635386148.6233053,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
Oct 28 01:55:48 ip-172-31-52-244 caddy[6758]: {"level":"debug","ts":1635386148.6237924,"logger":"http","msg":"starting server loop","address":"[::]:443","http3":false,"tls":true}
Oct 28 01:55:48 ip-172-31-52-244 caddy[6758]: {"level":"debug","ts":1635386148.6239703,"logger":"http","msg":"starting server loop","address":"[::]:80","http3":false,"tls":false}
Oct 28 01:55:48 ip-172-31-52-244 caddy[6758]: {"level":"info","ts":1635386148.6241152,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["experiencebuilder.spatialstudieslab.org"]}
Oct 28 01:55:48 ip-172-31-52-244 caddy[6758]: {"level":"debug","ts":1635386148.6245768,"logger":"tls","msg":"loading managed certificate","domain":"experiencebuilder.spatialstudieslab.org","expiration":1643158443,"issuer_key":"acme-v02.api.letsencrypt.org-directory","storage":"FileStorage:/var/lib/caddy/.local/share/caddy"}
Oct 28 01:55:48 ip-172-31-52-244 caddy[6758]: {"level":"debug","ts":1635386148.6290362,"logger":"tls.cache","msg":"added certificate to cache","subjects":["experiencebuilder.spatialstudieslab.org"],"expiration":1643158443,"managed":true,"issuer_key":"acme-v02.api.letsencrypt.org-directory","hash":"83168ae2c2363da6da27b6c759f5c532b1000adbf82885f1abde4c21be888e47"}
Oct 28 01:55:48 ip-172-31-52-244 caddy[6758]: {"level":"info","ts":1635386148.6305785,"msg":"autosaved config (load with --resume flag)","file":"/var/lib/caddy/.config/caddy/autosave.json"}
Oct 28 01:55:48 ip-172-31-52-244 systemd[1]: Started Caddy.
Oct 28 01:55:48 ip-172-31-52-244 caddy[6758]: {"level":"info","ts":1635386148.6341586,"msg":"serving initial configuration"}
Oct 28 01:55:48 ip-172-31-52-244 caddy[6758]: {"level":"info","ts":1635386148.6344006,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0xc000560c40"}
Oct 28 01:55:48 ip-172-31-52-244 caddy[6758]: {"level":"info","ts":1635386148.6345937,"logger":"tls","msg":"cleaning storage unit","description":"FileStorage:/var/lib/caddy/.local/share/caddy"}
Oct 28 01:55:48 ip-172-31-52-244 caddy[6758]: {"level":"info","ts":1635386148.6350634,"logger":"tls","msg":"finished cleaning storage units"}
Oct 28 01:56:03 ip-172-31-52-244 caddy[6758]: {"level":"debug","ts":1635386163.7279053,"logger":"tls.handshake","msg":"choosing certificate","identifier":"experiencebuilder.spatialstudieslab.org","num_choices":1}
Oct 28 01:56:03 ip-172-31-52-244 caddy[6758]: {"level":"debug","ts":1635386163.7279646,"logger":"tls.handshake","msg":"default certificate selection results","identifier":"experiencebuilder.spatialstudieslab.org","subjects":["experiencebuilder.spatialstudieslab.org"],"managed":true,"issuer_key":"acme-v02.api.letsencrypt.org-directory","hash":"83168ae2c2363da6da27b6c759f5c532b1000adbf82885f1abde4c21be888e47"}
Oct 28 01:56:03 ip-172-31-52-244 caddy[6758]: {"level":"debug","ts":1635386163.7279766,"logger":"tls.handshake","msg":"matched certificate in cache","subjects":["experiencebuilder.spatialstudieslab.org"],"managed":true,"expiration":1643158443,"hash":"83168ae2c2363da6da27b6c759f5c532b1000adbf82885f1abde4c21be888e47"}
Oct 28 01:56:03 ip-172-31-52-244 caddy[6758]: {"level":"debug","ts":1635386163.7843502,"logger":"http.handlers.reverse_proxy","msg":"upstream roundtrip","upstream":":3001","request":{"remote_addr":"73.206.116.144:64018","proto":"HTTP/2.0","method":"GET","host":"experiencebuilder.spatialstudieslab.org","uri":"/","headers":{"Sec-Ch-Ua-Mobile":["?0"],"Cookie":["_ga=GA1.1.1757196959.1632418725; _ga_P2FP3EMP96=GS1.1.1635200285.49.0.1635200285.0"],"X-Forwarded-For":["73.206.116.144"],"X-Forwarded-Proto":["https"],"Sec-Fetch-Mode":["navigate"],"Sec-Fetch-User":["?1"],"Sec-Fetch-Dest":["document"],"Sec-Ch-Ua-Platform":["\"Windows\""],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9"],"Sec-Fetch-Site":["cross-site"],"Cache-Control":["max-age=0"],"Sec-Ch-Ua":["\"Chromium\";v=\"94\", \"Google Chrome\";v=\"94\", \";Not A Brand\";v=\"99\""],"Upgrade-Insecure-Requests":["1"],"Accept-Encoding":["gzip, deflate, br"],"Accept-Language":["en-US,en;q=0.9,pt-BR;q=0.8,pt;q=0.7"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h2","proto_mutual":true,"server_name":"experiencebuilder.spatialstudieslab.org"}},"duration":0.001051957,"error":"EOF"}
Oct 28 01:56:03 ip-172-31-52-244 caddy[6758]: {"level":"error","ts":1635386163.7866545,"logger":"http.log.error","msg":"EOF","request":{"remote_addr":"73.206.116.144:64018","proto":"HTTP/2.0","method":"GET","host":"experiencebuilder.spatialstudieslab.org","uri":"/","headers":{"Sec-Ch-Ua-Mobile":["?0"],"Cookie":["_ga=GA1.1.1757196959.1632418725; _ga_P2FP3EMP96=GS1.1.1635200285.49.0.1635200285.0"],"Sec-Fetch-Mode":["navigate"],"Sec-Fetch-User":["?1"],"Sec-Fetch-Dest":["document"],"Sec-Ch-Ua-Platform":["\"Windows\""],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9"],"Sec-Fetch-Site":["cross-site"],"Cache-Control":["max-age=0"],"Sec-Ch-Ua":["\"Chromium\";v=\"94\", \"Google Chrome\";v=\"94\", \";Not A Brand\";v=\"99\""],"Upgrade-Insecure-Requests":["1"],"Accept-Encoding":["gzip, deflate, br"],"Accept-Language":["en-US,en;q=0.9,pt-BR;q=0.8,pt;q=0.7"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h2","proto_mutual":true,"server_name":"experiencebuilder.spatialstudieslab.org"}},"duration":0.003450528,"status":502,"err_id":"vbxi8q6qz","err_trace":"reverseproxy.statusError (reverseproxy.go:858)"}
Oct 28 01:56:07 ip-172-31-52-244 caddy[6758]: {"level":"debug","ts":1635386167.4751687,"logger":"http.handlers.reverse_proxy","msg":"upstream roundtrip","upstream":":3001","request":{"remote_addr":"73.206.116.144:64018","proto":"HTTP/2.0","method":"GET","host":"experiencebuilder.spatialstudieslab.org","uri":"/","headers":{"Sec-Fetch-Site":["none"],"Sec-Fetch-User":["?1"],"X-Forwarded-Proto":["https"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36"],"Sec-Fetch-Mode":["navigate"],"Accept-Encoding":["gzip, deflate, br"],"Accept-Language":["en-US,en;q=0.9,pt-BR;q=0.8,pt;q=0.7"],"X-Forwarded-For":["73.206.116.144"],"Sec-Ch-Ua-Mobile":["?0"],"Upgrade-Insecure-Requests":["1"],"Sec-Fetch-Dest":["document"],"Cookie":["_ga=GA1.1.1757196959.1632418725; _ga_P2FP3EMP96=GS1.1.1635200285.49.0.1635200285.0"],"Cache-Control":["max-age=0"],"Sec-Ch-Ua":["\"Chromium\";v=\"94\", \"Google Chrome\";v=\"94\", \";Not A Brand\";v=\"99\""],"Sec-Ch-Ua-Platform":["\"Windows\""],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h2","proto_mutual":true,"server_name":"experiencebuilder.spatialstudieslab.org"}},"duration":0.000993332,"error":"EOF"}
Oct 28 01:56:07 ip-172-31-52-244 caddy[6758]: {"level":"error","ts":1635386167.4758403,"logger":"http.log.error","msg":"EOF","request":{"remote_addr":"73.206.116.144:64018","proto":"HTTP/2.0","method":"GET","host":"experiencebuilder.spatialstudieslab.org","uri":"/","headers":{"Sec-Ch-Ua-Mobile":["?0"],"Upgrade-Insecure-Requests":["1"],"Sec-Fetch-Dest":["document"],"Cookie":["_ga=GA1.1.1757196959.1632418725; _ga_P2FP3EMP96=GS1.1.1635200285.49.0.1635200285.0"],"Cache-Control":["max-age=0"],"Sec-Ch-Ua":["\"Chromium\";v=\"94\", \"Google Chrome\";v=\"94\", \";Not A Brand\";v=\"99\""],"Sec-Ch-Ua-Platform":["\"Windows\""],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9"],"Sec-Fetch-Site":["none"],"Sec-Fetch-User":["?1"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36"],"Sec-Fetch-Mode":["navigate"],"Accept-Encoding":["gzip, deflate, br"],"Accept-Language":["en-US,en;q=0.9,pt-BR;q=0.8,pt;q=0.7"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h2","proto_mutual":true,"server_name":"experiencebuilder.spatialstudieslab.org"}},"duration":0.001746623,"status":502,"err_id":"edqy56xn2","err_trace":"reverseproxy.statusError (reverseproxy.go:858)"}

francislavoie · October 28, 2021, 2:04am

Unfortunately, that didn’t give us much new information

This essentially means Caddy got an empty response from the upstream.

What kind of app is it? Are you seeing any logs in your app that might show what’s going on?

matt · October 28, 2021, 2:07am

Make sure you configure Caddy to use HTTPS to connect to the upstream; by default it will use HTTP.

Ualas_Rohrer · October 28, 2021, 2:59am

After adding the https in the CaddyFile, as suggested by @matt , I’ve started getting “x509: certificate signed by unknown authority”, probably because the application was using a self-signed certificate. I’ve run Let’sEncrypt, generated a CA certificate, and added them in the app (check https://experiencebuilder.spatialstudieslab.org:3001). Now, Caddy is returning “certificate is valid for experiencebuilder.spatialstudieslab.org, www.experiencebuilder.spatialstudieslab.org, not localhost”. How should I proceed with that?

Thank you for the insights @francislavoie and @matt

Successfully started Caddy (pid=9903) - Caddy is running in the background
ubuntu@ip-172-31-52-244:/etc/caddy$ 2021/10/28 02:51:04.045     DEBUG   tls.handshake   choosing certificate    {"identifier": "experiencebuilder.spatialstudieslab.org", "num_choices": 1}
2021/10/28 02:51:04.045 DEBUG   tls.handshake   default certificate selection results   {"identifier": "experiencebuilder.spatialstudieslab.org", "subjects": ["experiencebuilder.spatialstudieslab.org"], "managed": true, "issuer_key": "acme-v02.api.letsencrypt.org-directory", "hash": "59616dec3d170fce87e70ae2f7794f83fc55ce7f143c9377cf0b72a72973885e"}
2021/10/28 02:51:04.045 DEBUG   tls.handshake   matched certificate in cache    {"subjects": ["experiencebuilder.spatialstudieslab.org"], "managed": true, "expiration": "2022/01/25 20:33:07.000", "hash": "59616dec3d170fce87e70ae2f7794f83fc55ce7f143c9377cf0b72a72973885e"}
2021/10/28 02:51:04.132 DEBUG   http.handlers.reverse_proxy     upstream roundtrip      {"upstream": "localhost:3001", "request": {"remote_addr": "73.206.116.144:62760", "proto": "HTTP/2.0", "method": "GET", "host": "experiencebuilder.spatialstudieslab.org", "uri": "/", "headers": {"Sec-Fetch-Site": ["none"], "Accept-Language": ["en-US,en;q=0.9,pt-BR;q=0.8,pt;q=0.7"], "Sec-Ch-Ua-Mobile": ["?0"], "User-Agent": ["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36"], "Sec-Fetch-User": ["?1"], "Sec-Ch-Ua": ["\"Chromium\";v=\"94\", \"Google Chrome\";v=\"94\", \";Not A Brand\";v=\"99\""], "Upgrade-Insecure-Requests": ["1"], "Sec-Fetch-Dest": ["document"], "Accept-Encoding": ["gzip, deflate, br"], "Cookie": ["_ga=GA1.1.1757196959.1632418725; _ga_P2FP3EMP96=GS1.1.1635200285.49.0.1635200285.0"], "X-Forwarded-Proto": ["https"], "Purpose": ["prefetch"], "Sec-Fetch-Mode": ["navigate"], "X-Forwarded-For": ["73.206.116.144"], "Sec-Ch-Ua-Platform": ["\"Windows\""], "Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9"]}, "tls": {"resumed": false, "version": 772, "cipher_suite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "experiencebuilder.spatialstudieslab.org"}}, "duration": 0.021388112, "error": "x509: certificate is valid for experiencebuilder.spatialstudieslab.org, www.experiencebuilder.spatialstudieslab.org, not localhost"}
2021/10/28 02:51:04.133 ERROR   http.log.error  x509: certificate is valid for experiencebuilder.spatialstudieslab.org, www.experiencebuilder.spatialstudieslab.org, not localhost      {"request": {"remote_addr": "73.206.116.144:62760", "proto": "HTTP/2.0", "method": "GET", "host": "experiencebuilder.spatialstudieslab.org", "uri": "/", "headers": {"Sec-Ch-Ua-Platform": ["\"Windows\""], "Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9"], "Sec-Ch-Ua-Mobile": ["?0"], "User-Agent": ["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36"], "Sec-Fetch-Site": ["none"], "Accept-Language": ["en-US,en;q=0.9,pt-BR;q=0.8,pt;q=0.7"], "Sec-Ch-Ua": ["\"Chromium\";v=\"94\", \"Google Chrome\";v=\"94\", \";Not A Brand\";v=\"99\""], "Upgrade-Insecure-Requests": ["1"], "Sec-Fetch-User": ["?1"], "Purpose": ["prefetch"], "Sec-Fetch-Mode": ["navigate"], "Sec-Fetch-Dest": ["document"], "Accept-Encoding": ["gzip, deflate, br"], "Cookie": ["_ga=GA1.1.1757196959.1632418725; _ga_P2FP3EMP96=GS1.1.1635200285.49.0.1635200285.0"]}, "tls": {"resumed": false, "version": 772, "cipher_suite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "experiencebuilder.spatialstudieslab.org"}}, "duration": 0.021846077, "status": 502, "err_id": "s7r0qj4dr", "err_trace": "reverseproxy.statusError (reverseproxy.go:858)"}
2021/10/28 02:51:05.271 DEBUG   http.handlers.reverse_proxy     upstream roundtrip      {"upstream": "localhost:3001", "request": {"remote_addr": "73.206.116.144:62760", "proto": "HTTP/2.0", "method": "GET", "host": "experiencebuilder.spatialstudieslab.org", "uri": "/service-worker.js", "headers": {"User-Agent": ["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36"], "Cache-Control": ["max-age=0"], "Sec-Fetch-Dest": ["serviceworker"], "Accept-Language": ["en-US,en;q=0.9,pt-BR;q=0.8,pt;q=0.7"], "Sec-Fetch-Site": ["same-origin"], "Cookie": ["_ga=GA1.1.1757196959.1632418725; _ga_P2FP3EMP96=GS1.1.1635200285.49.0.1635200285.0"], "X-Forwarded-Proto": ["https"], "Accept": ["*/*"], "Service-Worker": ["script"], "Accept-Encoding": ["gzip, deflate, br"], "If-Modified-Since": ["Thu, 14 Oct 2021 16:47:26 GMT"], "X-Forwarded-For": ["73.206.116.144"], "Sec-Fetch-Mode": ["same-origin"], "Referer": ["https://experiencebuilder.spatialstudieslab.org/service-worker.js"]}, "tls": {"resumed": false, "version": 772, "cipher_suite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "experiencebuilder.spatialstudieslab.org"}}, "duration": 0.002794549, "error": "x509: certificate is valid for experiencebuilder.spatialstudieslab.org, www.experiencebuilder.spatialstudieslab.org, not localhost"}
2021/10/28 02:51:05.272 ERROR   http.log.error  x509: certificate is valid for experiencebuilder.spatialstudieslab.org, www.experiencebuilder.spatialstudieslab.org, not localhost      {"request": {"remote_addr": "73.206.116.144:62760", "proto": "HTTP/2.0", "method": "GET", "host": "experiencebuilder.spatialstudieslab.org", "uri": "/service-worker.js", "headers": {"Sec-Fetch-Site": ["same-origin"], "Sec-Fetch-Dest": ["serviceworker"], "User-Agent": ["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36"], "Cookie": ["_ga=GA1.1.1757196959.1632418725; _ga_P2FP3EMP96=GS1.1.1635200285.49.0.1635200285.0"], "Cache-Control": ["max-age=0"], "Accept": ["*/*"], "Service-Worker": ["script"], "Accept-Language": ["en-US,en;q=0.9,pt-BR;q=0.8,pt;q=0.7"], "If-Modified-Since": ["Thu, 14 Oct 2021 16:47:26 GMT"], "Sec-Fetch-Mode": ["same-origin"], "Referer": ["https://experiencebuilder.spatialstudieslab.org/service-worker.js"], "Accept-Encoding": ["gzip, deflate, br"]}, "tls": {"resumed": false, "version": 772, "cipher_suite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "experiencebuilder.spatialstudieslab.org"}}, "duration": 0.003508487, "status": 502, "err_id": "sy4dz4bn1", "err_trace": "reverseproxy.statusError (reverseproxy.go:858)"}
ubuntu@ip-172-31-52-244:/etc/caddy$ 2021/10/28 02:51:32.459     DEBUG   http.std                                                                                                            lib     http: TLS handshake error from 69.164.221.183:61000: tls: client offered

francislavoie · October 28, 2021, 3:15am

See the docs on proxying to an HTTPS backend:

FWIW, there’s close to zero benefit to using HTTPS between Caddy and your app, if they’re running on the same machine. It’ll be much simpler to just turn off HTTPS on your application and proxying over HTTP, so you don’t need to worry about automating certificates for the upstream app and dealing with trust.

Ualas_Rohrer · October 28, 2021, 3:43am

Voila! I’ve disabled https in the app, removed https from the CaddyFile and it worked, yaaay!

Thank you @matt for answering my first question and thank you @francislavoie for solving my issue.

system · November 26, 2021, 11:28pm

This topic was automatically closed after 30 days. New replies are no longer allowed.