Reverse Proxy from http to https backend

1. Caddy version (caddy version):

2.0

2. How I run Caddy:

systemd

a. System environment:

debian 10

b. Command:

3. The problem I’m having:

I do have 2 networked RFID-Readers which can only make a post to an HTTP Endpoint upon Card Discovery.

Now i need to make Caddy do the https stuff for my “dumb” RFID-Readers.

I already tried this simple config:

localhost:8080

reverse_proxy {
to data.hasibaer.net:443
header_up Host {http.reverse_proxy.upstream.host}
transport http {
tls
}
}

but i get the following Error:* Trying ::1:8080…

  • TCP_NODELAY set
  • Connected to localhost (::1) port 8080 (#0)

GET / HTTP/1.1
Host: localhost:8080
User-Agent: curl/7.68.0
Accept: /

  • Mark bundle as not supporting multiuse
  • HTTP 1.0, assume close after body
    < HTTP/1.0 400 Bad Request
    <
    Client sent an HTTP request to an HTTPS server.
  • Closing connection 0

should this work or Am i in the wrong direction?

In the End i want caddy to provide an http Endpoint and forward it to an https Endpoint, meaning that it should do the https challenge, so my clients don’t have to.

so far,
axp

Caddy is serving localhost:8080 over HTTPS because it can. (That’s honestly the reason.)

To serve HTTP with a hostname in the address, you have to specify it explicitly: http://localhost:8080

Am i missing here something?

Config:

http://172.20.3.81 {
log {
output file /tmp/plop.log
format single_field common_log
}
reverse_proxy  {
to data.hasibaer.services:443
header_up Host Host {http.reverse_proxy.upstream.host}
transport http {
tls
}
}
}

logging says that there is something:
tail -f /tmp/plop.log
172.16.0.53 - - [20/May/2020:18:42:46 +0200] “POST /muk_hb_wwdh/init_scale?mac=745bc5510088&id=84BED6CB HTTP/1.1” 200 0

but the Request never reaches the end.

looks like the config in this post:
Reverse proxy HTTP -> HTTPS transport issues - missing protocol?http -> https

That log file will only show access logs. Look at the Caddy stdout to see if there were any errors.

Also, please indent your configs when posting them on the forums, it’s very hard to read! You can use the caddy fmt command to do just this!

http://172.20.3.81 {
        log {
                output file /tmp/plop.log
                format single_field common_log
        }
        reverse_proxy {
                to data.hasibaer.services:443
                header_up Host Host {http.reverse_proxy.upstream.host}
                transport http {
                        tls
                }
        }
}

Iam basically just doing a Post to the https endpoint.
it shows up in the logfile in /tmp/plop.log

172.16.0.53 - - [22/May/2020:09:12:12 +0200] "POST /muk_hb_wwdh/init_scale?mac=745bc5510088&id=84BED6CB HTTP/1.1" 200 0

i don’t get any error on stdout/stderr if i run caddy via “caddy run”

so far,
axp

That’s weird though, it should work with what you had before. I’m mobile ATM, can you check if the adapted json is different?

To check what @matt asked for, use the caddy adapt --config /path/to/your/Caddyfile --pretty command, before and after the change.

Sry, @matt it was a typo on my side:

i had “Host” twice in the header_up directive. it should have worked as suggested (just without the duplicate “Host”).

1 Like