Reverse Proxy from http to https backend

axp · May 18, 2020, 6:49pm

1. Caddy version (`caddy version`):

2.0

2. How I run Caddy:

systemd

a. System environment:

debian 10

b. Command:

3. The problem I’m having:

I do have 2 networked RFID-Readers which can only make a post to an HTTP Endpoint upon Card Discovery.

Now i need to make Caddy do the https stuff for my “dumb” RFID-Readers.

I already tried this simple config:

localhost:8080

reverse_proxy {
to data.hasibaer.net:443
header_up Host {http.reverse_proxy.upstream.host}
transport http {
tls
}
}

but i get the following Error:* Trying ::1:8080…

TCP_NODELAY set
Connected to localhost (::1) port 8080 (#0)

GET / HTTP/1.1
Host: localhost:8080
User-Agent: curl/7.68.0
Accept: /

Mark bundle as not supporting multiuse
HTTP 1.0, assume close after body
< HTTP/1.0 400 Bad Request
<
Client sent an HTTP request to an HTTPS server.
Closing connection 0

should this work or Am i in the wrong direction?

In the End i want caddy to provide an http Endpoint and forward it to an https Endpoint, meaning that it should do the https challenge, so my clients don’t have to.

so far,
axp

matt · May 18, 2020, 8:20pm

Caddy is serving localhost:8080 over HTTPS because it can. (That’s honestly the reason.)

To serve HTTP with a hostname in the address, you have to specify it explicitly: http://localhost:8080

axp · May 20, 2020, 4:47pm

Am i missing here something?

Config:

http://172.20.3.81 {
log {
output file /tmp/plop.log
format single_field common_log
}
reverse_proxy  {
to data.hasibaer.services:443
header_up Host Host {http.reverse_proxy.upstream.host}
transport http {
tls
}
}
}

logging says that there is something:
tail -f /tmp/plop.log
172.16.0.53 - - [20/May/2020:18:42:46 +0200] “POST /muk_hb_wwdh/init_scale?mac=745bc5510088&id=84BED6CB HTTP/1.1” 200 0

but the Request never reaches the end.

looks like the config in this post:
Reverse proxy HTTP -> HTTPS transport issues - missing protocol?http → https

francislavoie · May 20, 2020, 5:09pm

That log file will only show access logs. Look at the Caddy stdout to see if there were any errors.

Also, please indent your configs when posting them on the forums, it’s very hard to read! You can use the caddy fmt command to do just this!

axp · May 22, 2020, 7:13am

http://172.20.3.81 {
        log {
                output file /tmp/plop.log
                format single_field common_log
        }
        reverse_proxy {
                to data.hasibaer.services:443
                header_up Host Host {http.reverse_proxy.upstream.host}
                transport http {
                        tls
                }
        }
}

Iam basically just doing a Post to the https endpoint.
it shows up in the logfile in /tmp/plop.log

172.16.0.53 - - [22/May/2020:09:12:12 +0200] "POST /muk_hb_wwdh/init_scale?mac=745bc5510088&id=84BED6CB HTTP/1.1" 200 0

i don’t get any error on stdout/stderr if i run caddy via “caddy run”

so far,
axp

matt · May 22, 2020, 2:19pm

That’s weird though, it should work with what you had before. I’m mobile ATM, can you check if the adapted json is different?

francislavoie · May 22, 2020, 2:53pm

To check what @matt asked for, use the caddy adapt --config /path/to/your/Caddyfile --pretty command, before and after the change.

axp · May 22, 2020, 3:13pm

Sry, @matt it was a typo on my side:

i had “Host” twice in the header_up directive. it should have worked as suggested (just without the duplicate “Host”).

system · June 17, 2020, 6:49pm

This topic was automatically closed after 30 days. New replies are no longer allowed.