Reverse proxy from https to http

iam getting below error

{“level”:“error”,“ts”:1630578291.1833043,“logger”:“http.log.error”,“msg”:“remote error: tls: handshake failure”,“request”:{“remote_addr”:"[::1]:57555",“proto”:“HTTP/1.1”,“method”:“GET”,“host”:“localhost”,“uri”:"/plugin/index.html",“headers”:{“Accept-Encoding”:[“gzip, deflate, br”],“Accept-Language”:[“en-US,en;q=0.9”],“Referer”:[“http://localhost/"],“Sec-Ch-Ua-Mobile”:["?0"],“Upgrade-Insecure-Requests”:[“1”],“User-Agent”:["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36”],“Sec-Fetch-Mode”:[“navigate”],“Sec-Fetch-Dest”:[“document”],“Connection”:[“keep-alive”],“Cache-Control”:[“max-age=0”],“Sec-Ch-Ua”:["“Google Chrome”;v=“93”, " Not;A Brand";v=“99”, “Chromium”;v=“93"”],“Sec-Ch-Ua-Platform”:["“Windows”"],“Sec-Fetch-Site”:[“same-origin”],“Sec-Fetch-User”:["?1"],“Accept”:[“text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9”]}},“duration”:5.0250136,“status”:502,“err_id”:“uz8ve2gs6”,“err_trace”:“reverseproxy.statusError (reverseproxy.go:857)”}

Here is my config:

:80 {
# Set this path to your site’s directory.
root * C:\Users\Administrator\Desktop\searchblox

    # Enable the static file server.
    file_server @NoAccess  browse
    
    # Another common task is to set up a reverse proxy:
    # reverse_proxy localhost:8080
    reverse_proxy https://localhost:8443 {
                    lb_policy round_robin
                    lb_try_duration 5s
                    health_status 200
                    health_interval 10s
                    fail_duration 30s
			transport http {
					tls
					tls_insecure_skip_verify
			}
    }

}

1. Caddy version (caddy version):

v2.4.3 h1:Y1FaV2N4WO3rBqxSYA8UZsZTQdN+PwcoOcAiZTM8C0I=

2. How I run Caddy: run as a service on windows

a. System environment:

windows server 2019

b. Command:

Paste command here.

c. Service/unit/compose file:

Paste full file contents here.
Make sure backticks stay on their own lines,
and the post looks nice in the preview pane.

d. My complete Caddyfile or JSON config:

Paste config here, replacing this text.
Use `caddy fmt` to make it readable.
DO NOT REDACT anything except credentials.
LEAVE DOMAIN NAMES INTACT.
Make sure the backticks stay on their own lines.

3. The problem I’m having:

4. Error messages and/or full log output:

5. What I already tried:

6. Links to relevant resources:

Are you sure your upstream is on HTTPS? It seems like it isn’t

yes we are doing prot forward from https to http

Do you have a server running on the same PC listening on https://localhost:8443? If yes, what’s in its logs?

is iam running on same server

“Chromium”;v=“93"”],“Sec-Ch-Ua-Mobile”:["?0"],“Sec-Ch-Ua-Platform”:["“Windows”"],“Sec-Fetch-Site”:[“same-origin”],“Accept-Encoding”:[“gzip, deflate, br”],“Sec-Fetch-User”:["?1"],“Referer”:[“http://localhost/"],“Accept-Language”:[“en-US,en;q=0.9”]}},“duration”:0.0055894,“status”:502,“err_id”:“q6hhr53wq”,“err_trace”:"reverseproxy.statusError (reverseproxy.go:857)”}
{“level”:“error”,“ts”:1630582628.017342,“logger”:“http.log.error.log0”,“msg”:“remote error: tls: handshake failure”,“request”:{“remote_addr”:"[::1]:56814",“proto”:“HTTP/1.1”,“method”:“GET”,“host”:“localhost”,“uri”:"/favicon.ico",“headers”:{“Referer”:[“http://localhost/"],“Accept-Encoding”:["gzip, deflate, br”],“Sec-Ch-Ua”:["“Google Chrome”;v=“93”, " Not;A Brand";v=“99”, “Chromium”;v=“93"”],“Sec-Ch-Ua-Platform”:["“Windows”"],“Accept”:[“image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8"],“User-Agent”:[“Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36”],“Sec-Fetch-Site”:[“same-origin”],“Sec-Fetch-Mode”:[“no-cors”],“Sec-Fetch-Dest”:[“image”],“Accept-Language”:[“en-US,en;q=0.9”],“Connection”:[“keep-alive”],“Sec-Ch-Ua-Mobile”:["?0"]}},“duration”:0.0073497,“status”:502,“err_id”:“qm9zw2fhi”,“err_trace”:“reverseproxy.statusError (reverseproxy.go:857)”}
{“level”:“error”,“ts”:1630582628.017342,“logger”:“http.log.error.log0”,“msg”:“remote error: tls: handshake failure”,“request”:{“remote_addr”:"[::1]:60101",“proto”:“HTTP/1.1”,“method”:“GET”,“host”:“localhost”,“uri”:"/plugin/index.html",“headers”:{“Sec-Ch-Ua-Mobile”:["?0"],“Sec-Ch-Ua-Platform”:["“Windows”"],“Upgrade-Insecure-Requests”:[“1”],“Sec-Fetch-Site”:[“same-origin”],“Sec-Ch-Ua”:["“Google Chrome”;v=“93”, " Not;A Brand";v=“99”, “Chromium”;v=“93"”],“Accept”:["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,
/*;q=0.8,application/signed-exchange;v=b3;q=0.9”],“Sec-Fetch-Mode”:[“navigate”],“Referer”:[“http://localhost/"],“Accept-Encoding”:["gzip, deflate, br”],“Accept-Language”:[“en-US,en;q=0.9”],“Connection”:[“keep-alive”],“User-Agent”:[“Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36”],“Sec-Fetch-Dest”:[“document”]}},“duration”:0.0073497,“status”:502,“err_id”:“v7dvnibyz”,“err_trace”:“reverseproxy.statusError (reverseproxy.go:857)”}

This is Caddy’s log. Which other server are you running on https://localhost:8443?

yes my application uses https://localhost:8443 port . i am trying use reverse proxy and file server. can you help me

We’re trying to eliminate the probable factors one by one. Can you browse your app on the browser with the address https://localhost:8443?

yes iam able to browse

Ah, I see it now. Add header_up Host {upstream_hostport} inside the reverse_proxy directive block. So this:

Becomes:

    reverse_proxy https://localhost:8443 {
                    header_up Host {upstream_hostport}
                    lb_policy round_robin
                    lb_try_duration 5s
                    health_status 200
                    health_interval 10s
                    fail_duration 30s
			transport http {
					tls
					tls_insecure_skip_verify
			}
    }
1 Like

Now iam getting this error

“level”:“info”,“ts”:1630632995.73434,“logger”:“tls”,“msg”:“finished cleaning storage units”}
{“level”:“info”,“ts”:1630632995.73434,“msg”:“autosaved config (load with --resume flag)”,“file”:“C:\Windows\system32\config\systemprofile\AppData\Roaming\Caddy\autosave.json”}
{“level”:“info”,“ts”:1630632995.73434,“msg”:“serving initial configuration”}
{“level”:“error”,“ts”:1630633004.25053,“logger”:“http.log.error”,“msg”:“remote error: tls: handshake failure”,“request”:{“remote_addr”:"[::1]:62271",“proto”:“HTTP/1.1”,“method”:“GET”,“host”:“localhost”,“uri”:"/",“headers”:{“Sec-Ch-Ua”:["“Google Chrome”;v=“93”, " Not;A Brand";v=“99”, “Chromium”;v=“93"”],“Sec-Ch-Ua-Mobile”:["?0"],“Upgrade-Insecure-Requests”:[“1”],“Accept”:[“text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9”],“Connection”:[“keep-alive”],“User-Agent”:[“Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36”],“Sec-Fetch-Dest”:[“document”],“Accept-Encoding”:[“gzip, deflate, br”],“Cache-Control”:[“max-age=0”],“Sec-Fetch-User”:["?1"],“Sec-Ch-Ua-Platform”:["“Windows”"],“Sec-Fetch-Site”:[“none”],“Sec-Fetch-Mode”:[“navigate”],“Accept-Language”:[“en-US,en;q=0.9”]}},“duration”:5.0306704,“status”:502,“err_id”:“96ntr6mgf”,“err_trace”:“reverseproxy.statusError (reverseproxy.go:857)”}
{“level”:“error”,“ts”:1630633220.6791675,“logger”:“http.log.error”,“msg”:“remote error: tls: handshake failure”,“request”:{“remote_addr”:"[::1]:62271",“proto”:“HTTP/1.1”,“method”:“GET”,“host”:“localhost”,“uri”:"/",“headers”:{“Sec-Ch-Ua-Mobile”:["?0"],“Sec-Fetch-Site”:[“none”],“Upgrade-Insecure-Requests”:[“1”],“Sec-Fetch-User”:["?1"],“Sec-Fetch-Dest”:[“document”],“Sec-Ch-Ua-Platform”:["“Windows”"],“User-Agent”:[“Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36”],“Sec-Fetch-Mode”:[“navigate”],“Connection”:[“keep-alive”],“Cache-Control”:[“max-age=0”],“Sec-Ch-Ua”:["“Google Chrome”;v=“93”, " Not;A Brand";v=“99”, “Chromium”;v=“93"”],“Accept”:[“text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9”],“Accept-Encoding”:[“gzip, deflate, br”],“Accept-Language”:[“en-US,en;q=0.9”]}},“duration”:5.0200198,“status”:502,“err_id”:“45i91iejy”,“err_trace”:“reverseproxy.statusError (reverseproxy.go:857)”}
{“level”:“error”,“ts”:1630633227.8296635,“logger”:“http.log.error”,“msg”:“no upstreams available”,“request”:{“remote_addr”:"[::1]:62271",“proto”:“HTTP/1.1”,“method”:“GET”,“host”:“localhost”,“uri”:"/",“headers”:{“Cache-Control”:[“no-cache”],“Sec-Fetch-Mode”:[“navigate”],“Accept-Language”:[“en-US,en;q=0.9”],“Pragma”:[“no-cache”],“Sec-Ch-Ua-Mobile”:["?0"],“Sec-Ch-Ua-Platform”:["“Windows”"],“User-Agent”:[“Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36”],“Connection”:[“keep-alive”],“Sec-Fetch-Site”:[“none”],“Sec-Fetch-User”:["?1"],“Sec-Fetch-Dest”:[“document”],“Sec-Ch-Ua”:["“Google Chrome”;v=“93”, " Not;A Brand";v=“99”, “Chromium”;v=“93"”],“Upgrade-Insecure-Requests”:[“1”],“Accept”:[“text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9”],“Accept-Encoding”:[“gzip, deflate, br”]}},“duration”:5.0135019,“status”:502,“err_id”:“yabeif3u5”,“err_trace”:“reverseproxy.statusError (reverseproxy.go:857)”}

my config:
:80 {
reverse_proxy https://localhost:8443 {
header_up Host {upstream_hostport}
lb_policy round_robin
lb_try_duration 5s
health_status 200
health_interval 10s
fail_duration 30s
transport http {
tls
tls_insecure_skip_verify
}
}
}

FYI this placeholder shortcut was just added in v2.4.4. If using v2.4.3, use {http.reverse_proxy.upstream.hostport} instead

like this ?

:80 {
# Set this path to your site’s directory.
root * /usr/share/caddy

    # Enable the static file server.
    file_server
	reverse_proxy https://localhost:8443 {
                header_up Host {http.reverse_proxy.upstream.hostport}
                lb_policy round_robin
                lb_try_duration 5s
                health_status 200
                health_interval 10s
                fail_duration 30s
				transport http {
						tls
						tls_insecure_skip_verify
		}
	}

}

Here is logs :slight_smile:

{“level”:“info”,“ts”:1630636157.0301752,“msg”:“using adjacent Caddyfile”}
{“level”:“warn”,“ts”:1630636157.0322042,“msg”:“input is not formatted with ‘caddy fmt’”,“adapter”:“caddyfile”,“file”:“Caddyfile”,“line”:2}
{“level”:“info”,“ts”:1630636157.0368593,“logger”:“admin”,“msg”:“admin endpoint started”,“address”:“tcp/localhost:2019”,“enforce_origin”:false,“origins”:[“localhost:2019”,"[::1]:2019",“127.0.0.1:2019”]}
{“level”:“info”,“ts”:1630636157.0374336,“logger”:“tls.cache.maintenance”,“msg”:“started background certificate maintenance”,“cache”:“0xc0003b5a40”}
{“level”:“info”,“ts”:1630636157.0375242,“logger”:“http”,“msg”:“server is listening only on the HTTP port, so no automatic HTTPS will be applied to this server”,“server_name”:“srv0”,“http_port”:80}
{“level”:“info”,“ts”:1630636157.0375242,“logger”:“tls”,“msg”:“cleaning storage unit”,“description”:“FileStorage:C:\Windows\system32\config\systemprofile\AppData\Roaming\Caddy”}
{“level”:“info”,“ts”:1630636157.0375242,“logger”:“tls”,“msg”:“finished cleaning storage units”}
{“level”:“info”,“ts”:1630636157.0388598,“msg”:“autosaved config (load with --resume flag)”,“file”:“C:\Windows\system32\config\systemprofile\AppData\Roaming\Caddy\autosave.json”}
{“level”:“info”,“ts”:1630636157.0388598,“msg”:“serving initial configuration”}
{“level”:“error”,“ts”:1630636166.8194375,“logger”:“http.log.error”,“msg”:“remote error: tls: handshake failure”,“request”:{“remote_addr”:"[::1]:50408",“proto”:“HTTP/1.1”,“method”:“GET”,“host”:“localhost”,“uri”:"/",“headers”:{“Upgrade-Insecure-Requests”:[“1”],“User-Agent”:[“Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36”],“Sec-Fetch-Site”:[“none”],“Cache-Control”:[“max-age=0”],“Sec-Ch-Ua-Platform”:["“Windows”"],“Sec-Ch-Ua”:["“Google Chrome”;v=“93”, " Not;A Brand";v=“99”, “Chromium”;v=“93"”],“Accept”:[“text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9”],“Sec-Fetch-User”:["?1"],“Sec-Fetch-Dest”:[“document”],“Accept-Language”:[“en-US,en;q=0.9”],“Connection”:[“keep-alive”],“Sec-Ch-Ua-Mobile”:["?0"],“Sec-Fetch-Mode”:[“navigate”],“Accept-Encoding”:[“gzip, deflate, br”]}},“duration”:5.0313103,“status”:502,“err_id”:“129w4g5nq”,“err_trace”:“reverseproxy.statusError (reverseproxy.go:857)”}
{“level”:“error”,“ts”:1630636175.6167772,“logger”:“http.log.error”,“msg”:“no upstreams available”,“request”:{“remote_addr”:"[::1]:50408",“proto”:“HTTP/1.1”,“method”:“GET”,“host”:“localhost”,“uri”:"/",“headers”:{“Sec-Ch-Ua”:["“Google Chrome”;v=“93”, " Not;A Brand";v=“99”, “Chromium”;v=“93"”],“Sec-Ch-Ua-Mobile”:["?0"],“Sec-Ch-Ua-Platform”:["“Windows”"],“Upgrade-Insecure-Requests”:[“1”],“Accept-Encoding”:[“gzip, deflate, br”],“Sec-Fetch-Dest”:[“document”],“Connection”:[“keep-alive”],“User-Agent”:[“Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36”],“Accept”:[“text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9”],“Sec-Fetch-Site”:[“none”],“Sec-Fetch-Mode”:[“navigate”],“Sec-Fetch-User”:["?1"],“Cache-Control”:[“max-age=0”],“Accept-Language”:[“en-US,en;q=0.9”]}},“duration”:5.0137696,“status”:502,“err_id”:“v5yz983dq”,“err_trace”:“reverseproxy.statusError (reverseproxy.go:857)”}
{“level”:“error”,“ts”:1630636187.651701,“logger”:“http.log.error”,“msg”:“no upstreams available”,“request”:{“remote_addr”:"[::1]:50408",“proto”:“HTTP/1.1”,“method”:“GET”,“host”:“localhost”,“uri”:"/",“headers”:{“Upgrade-Insecure-Requests”:[“1”],“User-Agent”:[“Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36”],“Cache-Control”:[“max-age=0”],“Sec-Ch-Ua”:["“Google Chrome”;v=“93”, " Not;A Brand";v=“99”, “Chromium”;v=“93"”],“Accept”:[“text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9”],“Accept-Encoding”:[“gzip, deflate, br”],“Connection”:[“keep-alive”],“Sec-Ch-Ua-Platform”:["“Windows”"],“Sec-Fetch-Site”:[“none”],“Sec-Ch-Ua-Mobile”:["?0"],“Sec-Fetch-Mode”:[“navigate”],“Sec-Fetch-User”:["?1"],“Sec-Fetch-Dest”:[“document”],“Accept-Language”:[“en-US,en;q=0.9”]}},“duration”:5.0137427,“status”:502,“err_id”:“ii9hbgwja”,“err_trace”:“reverseproxy.statusError (reverseproxy.go:857)”}
{“level”:“error”,“ts”:1630636205.9394557,“logger”:“http.log.error”,“msg”:“remote error: tls: handshake failure”,“request”:{“remote_addr”:“172.26.4.0:60518”,“proto”:“HTTP/1.1”,“method”:“GET”,“host”:“172.26.4.0”,“uri”:"/",“headers”:{“Upgrade-Insecure-Requests”:[“1”],“User-Agent”:[“Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36”],“Accept”:[“text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9”],“Accept-Encoding”:[“gzip, deflate”],“Accept-Language”:[“en-US,en;q=0.9”],“Connection”:[“keep-alive”],“Cache-Control”:[“max-age=0”]}},“duration”:5.0199614,“status”:502,“err_id”:“tzstb2dff”,“err_trace”:“reverseproxy.statusError (reverseproxy.go:857)”}
{“level”:“error”,“ts”:1630636219.9360006,“logger”:“http.log.error”,“msg”:“no upstreams available”,“request”:{“remote_addr”:“172.26.4.0:60518”,“proto”:“HTTP/1.1”,“method”:“GET”,“host”:“172.26.4.0”,“uri”:"/",“headers”:{“Accept-Language”:[“en-US,en;q=0.9”],“Connection”:[“keep-alive”],“Cache-Control”:[“max-age=0”],“Upgrade-Insecure-Requests”:[“1”],“User-Agent”:[“Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36”],“Accept”:[“text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9”],“Accept-Encoding”:[“gzip, deflate”]}},“duration”:5.0220613,“status”:502,“err_id”:“0scga63y1”,“err_trace”:“reverseproxy.statusError (reverseproxy.go:857)”}
{“level”:“error”,“ts”:1630636245.13898,“logger”:“http.log.error”,“msg”:“remote error: tls: handshake failure”,“request”:{“remote_addr”:“172.26.4.0:58266”,“proto”:“HTTP/1.1”,“method”:“GET”,“host”:“172.26.4.0”,“uri”:"/",“headers”:{“Accept-Language”:[“en-US,en;q=0.9”],“Connection”:[“keep-alive”],“Cache-Control”:[“max-age=0”],“Upgrade-Insecure-Requests”:[“1”],“User-Agent”:[“Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36”],“Accept”:[“text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9”],“Accept-Encoding”:[“gzip, deflate”]}},“duration”:5.0180971,“status”:502,“err_id”:“sqexu06er”,“err_trace”:“reverseproxy.statusError (reverseproxy.go:857)”}
{“level”:“error”,“ts”:1630636247.7317302,“logger”:“http.log.error”,“msg”:“no upstreams available”,“request”:{“remote_addr”:"[::1]:50408",“proto”:“HTTP/1.1”,“method”:“GET”,“host”:“localhost”,“uri”:"/",“headers”:{“Sec-Ch-Ua-Mobile”:["?0"],“Upgrade-Insecure-Requests”:[“1”],“Accept”:[“text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9”],“Sec-Fetch-Site”:[“none”],“Sec-Fetch-User”:["?1"],“Accept-Encoding”:[“gzip, deflate, br”],“Connection”:[“keep-alive”],“Cache-Control”:[“max-age=0”],“Sec-Ch-Ua”:["“Google Chrome”;v=“93”, " Not;A Brand";v=“99”, “Chromium”;v=“93"”],“Sec-Ch-Ua-Platform”:["“Windows”"],“User-Agent”:[“Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36”],“Sec-Fetch-Mode”:[“navigate”],“Sec-Fetch-Dest”:[“document”],“Accept-Language”:[“en-US,en;q=0.9”]}},“duration”:5.0114335,“status”:502,“err_id”:“qsdjxexip”,“err_trace”:“reverseproxy.statusError (reverseproxy.go:857)”}
{“level”:“error”,“ts”:1630636259.1721454,“logger”:“http.log.error”,“msg”:“no upstreams available”,“request”:{“remote_addr”:“172.26.4.0:59695”,“proto”:“HTTP/1.1”,“method”:“GET”,“host”:“172.26.4.0”,“uri”:"/",“headers”:{“Connection”:[“keep-alive”],“Upgrade-Insecure-Requests”:[“1”],“User-Agent”:[“Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36”],“Accept”:[“text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9”],“Accept-Encoding”:[“gzip, deflate”],“Accept-Language”:[“en-US,en;q=0.9”]}},“duration”:5.0141666,“status”:502,“err_id”:“47yr4zxzh”,“err_trace”:“reverseproxy.statusError (reverseproxy.go:857)”}

Please use code formatting when posting on the forums. Use ``` on their own lines, before and after your config and logs. It’s very difficult to read your posts because whitespace is not properly preserved.

Caddy still can’t connect to your upstream.

What’s the domain that your upstream uses in its TLS certificate? Is it actually localhost, or something else?

It doesn’t make sense to both enable a file server and a reverse_proxy, without using any request matchers. The reverse_proxy will always take precedence over file_server because the directives are sorted according to this directive order:

It also doesn’t make sense to change the lb_policy when you only have a single upstream defined.

Here is my config. and we want enable the reverse proxy from 8443 to 80 and also we need to use loadbalancer. help me and iam trying this on windows server 2019.
:80 {
reverse_proxy https://localhost:8443 {
header_up Host {http.reverse_proxy.upstream.hostport}
#lb_policy round_robin
#lb_try_duration 5s
health_status 200
health_interval 10s
fail_duration 30s
transport http {
tls
tls_insecure_skip_verify
}
}
}

how to do the proxy from https://localhost:8443 to http://localhost:80 on the same server (caddy installed server ). please proved the Caddyfile for this requirement.

I have tried the above configuration but iam getting TLS handshake failure with 857

======================================================================

{“level”:“error”,“ts”:1630668419.3319337,“logger”:“http.log.error”,“msg”:“remote error: tls: handshake failure”,“request”:{“remote_addr”:"[::1]:61288",“proto”:“HTTP/1.1”,“method”:“GET”,“host”:“localhost”,“uri”:"/",“headers”:{“Upgrade-Insecure-Requests”:[“1”],“Sec-Fetch-Dest”:[“document”],“Sec-Fetch-Mode”:[“navigate”],“Sec-Fetch-User”:["?1"],“Cache-Control”:[“max-age=0”],“Sec-Ch-Ua-Platform”:["“Windows”"],“Sec-Fetch-Site”:[“none”],“Accept”:[“text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9”],“Accept-Language”:[“en-US,en;q=0.9”],“Connection”:[“keep-alive”],“Sec-Ch-Ua-Mobile”:["?0"],“User-Agent”:[“Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36”],“Sec-Ch-Ua”:["“Google Chrome”;v=“93”, " Not;A Brand";v=“99”, “Chromium”;v=“93"”],“Accept-Encoding”:[“gzip, deflate, br”]}},“duration”:0.0141414,“status”:502,“err_id”:“qr9vrfwwn”,“err_trace”:“reverseproxy.statusError (reverseproxy.go:857)”}

=====================================================================

To effectively help you, we need more information about your setup. Can you answer Francis’ question?

Will you be adding more servers? Because load-balancing to a single upstream does not make much sense

Yes. we are going to add two more server and our upstream is localhost

and what is the domain name in the TLS certificate? When open localhost:8443 on Chrome, click on “Not Secure” and check the certificate details on there.

here is the domain name jetty.eclipse.org.