1. Caddy version:
v2.6.2 h1:wKoFIxpmOJLGl3QXoo6PNbYvGW4xLEgo32GPBEjWL8o=
2. How I installed, and run Caddy:
sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list
sudo apt update
sudo apt install caddy
a. System environment:
DietPi v8.13.2, aarch64, Rock 5B 8GB ram, systemd
b. Command:
systemctl start caddy
c. Service/unit/compose file:
● caddy.service - Caddy
Loaded: loaded (/lib/systemd/system/caddy.service; enabled; vendor preset: enabled)
Drop-In: /etc/systemd/system/caddy.service.d
└─dietpi-services_edit.conf
Active: active (running) since Wed 2023-01-25 21:45:50 CST; 12s ago
Docs: https://caddyserver.com/docs/
Main PID: 9204 (caddy)
Tasks: 13 (limit: 8904)
Memory: 12.1M
CPU: 587ms
CGroup: /system.slice/caddy.service
└─9204 /usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
Jan 25 21:45:51 DietPi caddy[9204]: {"level":"error","ts":1674704751.2097552,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"music....","issuer":"acme-v02.api.letsencrypt.org-directory","error":"HTTP 429 urn:ietf:params:acme:error:rateLimited - Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/failed-validation-limit/"}
Jan 25 21:45:51 DietPi caddy[9204]: {"level":"info","ts":1674704751.2132967,"logger":"http","msg":"waiting on internal rate limiter","identifiers":["music...."],"ca":"https://acme.zerossl.com/v2/DV90","account":"@outlook.com"}
Jan 25 21:45:51 DietPi caddy[9204]: {"level":"info","ts":1674704751.2135754,"logger":"http","msg":"done waiting on internal rate limiter","identifiers":["music...."],"ca":"https://acme.zerossl.com/v2/DV90","account":"@outlook.com"}
Jan 25 21:45:51 DietPi caddy[9204]: {"level":"info","ts":1674704751.464759,"logger":"http.acme_client","msg":"trying to solve challenge","identifier":"fin....","challenge_type":"http-01","ca":"https://acme-v02.api.letsencrypt.org/directory"}
Jan 25 21:45:52 DietPi caddy[9204]: {"level":"info","ts":1674704752.9275746,"logger":"http.acme_client","msg":"trying to solve challenge","identifier":"music....","challenge_type":"http-01","ca":"https://acme.zerossl.com/v2/DV90"}
Jan 25 21:46:02 DietPi caddy[9204]: {"level":"error","ts":1674704762.143722,"logger":"http.acme_client","msg":"challenge failed","identifier":"fin....","challenge_type":"http-01","problem":{"type":"urn:ietf:params:acme:error:connection","title":"","detail":"104.246.161.18: Fetching http://fin..../.well-known/acme-challenge/Yk2bw4fHdkAfKk_Dfo83_6B5eQIqTDrEMZK5wUBpnIw: Timeout during connect (likely firewall problem)","instance":"","subproblems":[]}}
Jan 25 21:46:02 DietPi caddy[9204]: {"level":"error","ts":1674704762.1442165,"logger":"http.acme_client","msg":"validating authorization","identifier":"fin....","problem":{"type":"urn:ietf:params:acme:error:connection","title":"","detail":"104.246.161.18: Fetching http://fin..../.well-known/acme-challenge/Yk2bw4fHdkAfKk_Dfo83_6B5eQIqTDrEMZK5wUBpnIw: Timeout during connect (likely firewall problem)","instance":"","subproblems":[]},"order":"https://acme-v02.api.letsencrypt.org/acme/order/933905217/161039939797","attempt":1,"max_attempts":3}
Jan 25 21:46:03 DietPi caddy[9204]: {"level":"error","ts":1674704763.2676702,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"fin....","issuer":"acme-v02.api.letsencrypt.org-directory","error":"HTTP 429 urn:ietf:params:acme:error:rateLimited - Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/failed-validation-limit/"}
Jan 25 21:46:03 DietPi caddy[9204]: {"level":"info","ts":1674704763.2712905,"logger":"http","msg":"waiting on internal rate limiter","identifiers":["fin...."],"ca":"https://acme.zerossl.com/v2/DV90","account":"@outlook.com"}
Jan 25 21:46:03 DietPi caddy[9204]: {"level":"info","ts":1674704763.2716198,"logger":"http","msg":"done waiting on internal rate limiter","identifiers":["fin...."],"ca":"https://acme.zerossl.com/v2/DV90","account":"@outlook.com"}
d. My complete Caddy config:
{
http_port 8000
https_port 4443
# TLS Options
email ...@outlook.com
}
music.... {
reverse_proxy localhost:4533
}
fin.... {
reverse_proxy localhost:8097
}
3. The problem I’m having:
I’m trying to set up reverse proxy with https certificates to access self-hosted jellyfin and navidrome instances over the internet. I would like caddy to automatically run and allow access to my self-hosted instances c/w reverse proxy.
When starting caddy with sudo caddy start
or caddy start
as root I’m able to access my self-hosted jellyfin and navidrome instances successfully.
When starting caddy with systemctl start caddy
or systemctl restart caddy
I’m unable to access self-hosted jellyfin and navidrome instances over the internet.
4. Error messages and/or full log output:
Jan 25 22:12:20 DietPi systemd[1]: Started Caddy.
Jan 25 22:12:20 DietPi caddy[10475]: {"level":"info","ts":1674706340.4175725,"logger":"tls.obtain","msg":"acquiring lock","identifier":"fin...."}
Jan 25 22:12:20 DietPi caddy[10475]: {"level":"info","ts":1674706340.417566,"logger":"tls.obtain","msg":"acquiring lock","identifier":"music...."}
Jan 25 22:12:20 DietPi caddy[10475]: {"level":"info","ts":1674706340.421654,"msg":"serving initial configuration"}
Jan 25 22:12:20 DietPi caddy[10475]: {"level":"info","ts":1674706340.4324992,"logger":"tls.obtain","msg":"lock acquired","identifier":"fin...."}
Jan 25 22:12:20 DietPi caddy[10475]: {"level":"info","ts":1674706340.432842,"logger":"tls.obtain","msg":"obtaining certificate","identifier":"fin...."}
Jan 25 22:12:20 DietPi caddy[10475]: {"level":"debug","ts":1674706340.4329774,"logger":"events","msg":"event","name":"cert_obtaining","id":"347bb210-3335-475b-af84-18af5fbd6834","origin":"tls","data":{"identifier":"fin...."}}
Jan 25 22:12:20 DietPi caddy[10475]: {"level":"debug","ts":1674706340.433766,"logger":"tls.obtain","msg":"trying issuer 1/2","issuer":"acme-v02.api.letsencrypt.org-directory"}
Jan 25 22:12:20 DietPi caddy[10475]: {"level":"info","ts":1674706340.434251,"logger":"http","msg":"waiting on internal rate limiter","identifiers":["fin...."],"ca":"https://acme-v02.api.letsencrypt.org/directory","account":"@outlook.com"}
Jan 25 22:12:20 DietPi caddy[10475]: {"level":"info","ts":1674706340.434274,"logger":"http","msg":"done waiting on internal rate limiter","identifiers":["fin...."],"ca":"https://acme-v02.api.letsencrypt.org/directory","account":"@outlook.com"}
Jan 25 22:12:20 DietPi caddy[10475]: {"level":"info","ts":1674706340.43568,"logger":"tls.obtain","msg":"lock acquired","identifier":"music...."}
Jan 25 22:12:20 DietPi caddy[10475]: {"level":"info","ts":1674706340.4360452,"logger":"tls.obtain","msg":"obtaining certificate","identifier":"music...."}
Jan 25 22:12:20 DietPi caddy[10475]: {"level":"debug","ts":1674706340.43621,"logger":"events","msg":"event","name":"cert_obtaining","id":"7e2b9ad8-fb9c-4191-a2ec-bf33bbedebe3","origin":"tls","data":{"identifier":"music...."}}
Jan 25 22:12:20 DietPi caddy[10475]: {"level":"debug","ts":1674706340.437144,"logger":"tls.obtain","msg":"trying issuer 1/2","issuer":"acme-v02.api.letsencrypt.org-directory"}
Jan 25 22:12:20 DietPi caddy[10475]: {"level":"info","ts":1674706340.4376643,"logger":"http","msg":"waiting on internal rate limiter","identifiers":["music...."],"ca":"https://acme-v02.api.letsencrypt.org/directory","account":"@outlook.com"}
Jan 25 22:12:20 DietPi caddy[10475]: {"level":"info","ts":1674706340.4377048,"logger":"http","msg":"done waiting on internal rate limiter","identifiers":["music...."],"ca":"https://acme-v02.api.letsencrypt.org/directory","account":"@outlook.com"}
Jan 25 22:12:20 DietPi caddy[10475]: {"level":"debug","ts":1674706340.8364606,"logger":"http.acme_client","msg":"http request","method":"GET","url":"https://acme-v02.api.letsencrypt.org/directory","headers":{"User-Agent":["Caddy/2.6.2 CertMagic acmez (linux; arm64)"]},"response_headers":{"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["659"],"Content-Type":["application/json"],"Date":["Thu, 26 Jan 2023 04:12:20 GMT"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]},"status_code":200}
Jan 25 22:12:20 DietPi caddy[10475]: {"level":"debug","ts":1674706340.9173808,"logger":"http.acme_client","msg":"http request","method":"HEAD","url":"https://acme-v02.api.letsencrypt.org/acme/new-nonce","headers":{"User-Agent":["Caddy/2.6.2 CertMagic acmez (linux; arm64)"]},"response_headers":{"Cache-Control":["public, max-age=0, no-cache"],"Date":["Thu, 26 Jan 2023 04:12:20 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["1DFAtcfKtG2R5k-3HAT8e7za4tJWKCW9enIPgwuRMmyvhAg"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]},"status_code":200}
Jan 25 22:12:20 DietPi caddy[10475]: {"level":"debug","ts":1674706340.9174416,"logger":"http.acme_client","msg":"http request","method":"HEAD","url":"https://acme-v02.api.letsencrypt.org/acme/new-nonce","headers":{"User-Agent":["Caddy/2.6.2 CertMagic acmez (linux; arm64)"]},"response_headers":{"Cache-Control":["public, max-age=0, no-cache"],"Date":["Thu, 26 Jan 2023 04:12:20 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["C878O03e1aKfiJbOw42LbugKx61PVf1Dya3Knn25kgdJVo0"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]},"status_code":200}
Jan 25 22:12:21 DietPi caddy[10475]: {"level":"debug","ts":1674706341.0299933,"logger":"http.acme_client","msg":"http request","method":"POST","url":"https://acme-v02.api.letsencrypt.org/acme/new-order","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.6.2 CertMagic acmez (linux; arm64)"]},"response_headers":{"Boulder-Requester":["933905217"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["213"],"Content-Type":["application/problem+json"],"Date":["Thu, 26 Jan 2023 04:12:20 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["1AADGjQ9Tw6IyU75oqGesiaGvVgiaXH_8_GfbI1vpO1FENQ"],"Server":["nginx"]},"status_code":429}
Jan 25 22:12:21 DietPi caddy[10475]: {"level":"error","ts":1674706341.031146,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"fin....","issuer":"acme-v02.api.letsencrypt.org-directory","error":"HTTP 429 urn:ietf:params:acme:error:rateLimited - Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/failed-validation-limit/"}
Jan 25 22:12:21 DietPi caddy[10475]: {"level":"debug","ts":1674706341.0316668,"logger":"tls.obtain","msg":"trying issuer 2/2","issuer":"acme.zerossl.com-v2-DV90"}
Jan 25 22:12:21 DietPi caddy[10475]: {"level":"info","ts":1674706341.0336,"logger":"http","msg":"waiting on internal rate limiter","identifiers":["fin..."],"ca":"https://acme.zerossl.com/v2/DV90","account":"@outlook.com"}
Jan 25 22:12:21 DietPi caddy[10475]: {"level":"info","ts":1674706341.03409,"logger":"http","msg":"done waiting on internal rate limiter","identifiers":["fin...."],"ca":"https://acme.zerossl.com/v2/DV90","account":"@outlook.com"}
Jan 25 22:12:21 DietPi caddy[10475]: {"level":"debug","ts":1674706341.153209,"logger":"http.acme_client","msg":"http request","method":"POST","url":"https://acme-v02.api.letsencrypt.org/acme/new-order","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.6.2 CertMagic acmez (linux; arm64)"]},"response_headers":{"Boulder-Requester":["933905217"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["347"],"Content-Type":["application/json"],"Date":["Thu, 26 Jan 2023 04:12:20 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Location":["https://acme-v02.api.letsencrypt.org/acme/order/933905217/161043729277"],"Replay-Nonce":["1DFAiqnDi_ga1Kb2xYAe-rnquMICYCwJmPDJr2sk8bzStIc"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]},"status_code":201}
Jan 25 22:12:21 DietPi caddy[10475]: {"level":"debug","ts":1674706341.2528968,"logger":"http.acme_client","msg":"http request","method":"POST","url":"https://acme-v02.api.letsencrypt.org/acme/authz-v3/198284221207","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.6.2 CertMagic acmez (linux; arm64)"]},"response_headers":{"Boulder-Requester":["933905217"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["806"],"Content-Type":["application/json"],"Date":["Thu, 26 Jan 2023 04:12:21 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["1DFAGJM9t_-K7VzDloKMvGG1OuWw38Cnq99XP_67rz8Wkp4"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]},"status_code":200}
Jan 25 22:12:21 DietPi caddy[10475]: {"level":"info","ts":1674706341.2553856,"logger":"http.acme_client","msg":"trying to solve challenge","identifier":"music....","challenge_type":"http-01","ca":"https://acme-v02.api.letsencrypt.org/directory"}
Jan 25 22:12:21 DietPi caddy[10475]: {"level":"debug","ts":1674706341.2585592,"logger":"http.acme_client","msg":"waiting for solver before continuing","identifier":"music....","challenge_type":"http-01"}
Jan 25 22:12:21 DietPi caddy[10475]: {"level":"debug","ts":1674706341.2754157,"logger":"http.acme_client","msg":"done waiting for solver","identifier":"music....","challenge_type":"http-01"}
Jan 25 22:12:21 DietPi caddy[10475]: {"level":"debug","ts":1674706341.3640244,"logger":"http.acme_client","msg":"http request","method":"POST","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/198284221207/qaK02w","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.6.2 CertMagic acmez (linux; arm64)"]},"response_headers":{"Boulder-Requester":["933905217"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["187"],"Content-Type":["application/json"],"Date":["Thu, 26 Jan 2023 04:12:21 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\"","<https://acme-v02.api.letsencrypt.org/acme/authz-v3/198284221207>;rel=\"up\""],"Location":["https://acme-v02.api.letsencrypt.org/acme/chall-v3/198284221207/qaK02w"],"Replay-Nonce":["C878BuB5r_ATJmJ2jJLYuHB7BjPA3RoBG_uDrwMMAQYa6a8"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]},"status_code":200}
Jan 25 22:12:21 DietPi caddy[10475]: {"level":"debug","ts":1674706341.3659306,"logger":"http.acme_client","msg":"challenge accepted","identifier":"music....","challenge_type":"http-01"}
Jan 25 22:12:21 DietPi caddy[10475]: {"level":"debug","ts":1674706341.4994946,"logger":"http.acme_client","msg":"http request","method":"GET","url":"https://acme.zerossl.com/v2/DV90","headers":{"User-Agent":["Caddy/2.6.2 CertMagic acmez (linux; arm64)"]},"response_headers":{"Access-Control-Allow-Origin":["*"],"Content-Length":["645"],"Content-Type":["application/json"],"Date":["Thu, 26 Jan 2023 04:12:21 GMT"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15724800; includeSubDomains"]},"status_code":200}
Jan 25 22:12:21 DietPi caddy[10475]: {"level":"debug","ts":1674706341.7135167,"logger":"http.acme_client","msg":"http request","method":"POST","url":"https://acme-v02.api.letsencrypt.org/acme/authz-v3/198284221207","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.6.2 CertMagic acmez (linux; arm64)"]},"response_headers":{"Boulder-Requester":["933905217"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["806"],"Content-Type":["application/json"],"Date":["Thu, 26 Jan 2023 04:12:21 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["1DFAYGtAAyXDWUuXt2QVWVSSP9dkBRlIgjAA1uIVxSGM2hw"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]},"status_code":200}
Jan 25 22:12:22 DietPi caddy[10475]: {"level":"debug","ts":1674706342.048545,"logger":"http.acme_client","msg":"http request","method":"POST","url":"https://acme-v02.api.letsencrypt.org/acme/authz-v3/198284221207","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.6.2 CertMagic acmez (linux; arm64)"]},"response_headers":{"Boulder-Requester":["933905217"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["806"],"Content-Type":["application/json"],"Date":["Thu, 26 Jan 2023 04:12:21 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["1AAD60Yc9kBIT-5liVy9ee72NufPcdMI7IOHwr9cHZSqSs4"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]},"status_code":200}
Jan 25 22:12:22 DietPi caddy[10475]: {"level":"debug","ts":1674706342.3824167,"logger":"http.acme_client","msg":"http request","method":"POST","url":"https://acme-v02.api.letsencrypt.org/acme/authz-v3/198284221207","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.6.2 CertMagic acmez (linux; arm64)"]},"response_headers":{"Boulder-Requester":["933905217"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["806"],"Content-Type":["application/json"],"Date":["Thu, 26 Jan 2023 04:12:22 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["1DFAfqRq18d7R1cLd71Wh74-vtXo9ZkkzWA5gx10-ou1fCY"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]},"status_code":200}
Jan 25 22:12:22 DietPi caddy[10475]: {"level":"debug","ts":1674706342.7226925,"logger":"http.acme_client","msg":"http request","method":"POST","url":"https://acme-v02.api.letsencrypt.org/acme/authz-v3/198284221207","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.6.2 CertMagic acmez (linux; arm64)"]},"response_headers":{"Boulder-Requester":["933905217"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["806"],"Content-Type":["application/json"],"Date":["Thu, 26 Jan 2023 04:12:22 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["1DFAXmymH8rCA7Hk_DVzfnkDSsCW16iQz0tz2nFYxZxbEDY"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]},"status_code":200}
Jan 25 22:12:23 DietPi caddy[10475]: {"level":"debug","ts":1674706343.0766695,"logger":"http.acme_client","msg":"http request","method":"POST","url":"https://acme-v02.api.letsencrypt.org/acme/authz-v3/198284221207","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.6.2 CertMagic acmez (linux; arm64)"]},"response_headers":{"Boulder-Requester":["933905217"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["806"],"Content-Type":["application/json"],"Date":["Thu, 26 Jan 2023 04:12:22 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["371CvGeXkuXSFIEvlwU7g1w3g_YqmSd2B71UC-W0nnYFLH4"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]},"status_code":200}
Jan 25 22:12:23 DietPi caddy[10475]: {"level":"debug","ts":1674706343.4167323,"logger":"http.acme_client","msg":"http request","method":"POST","url":"https://acme-v02.api.letsencrypt.org/acme/authz-v3/198284221207","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.6.2 CertMagic acmez (linux; arm64)"]},"response_headers":{"Boulder-Requester":["933905217"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["806"],"Content-Type":["application/json"],"Date":["Thu, 26 Jan 2023 04:12:23 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["371Caw1LaHDWPLtlFjwcyJLQ1FGDy4rHuZlCZJPTixmEnYk"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]},"status_code":200}
Jan 25 22:12:23 DietPi caddy[10475]: {"level":"debug","ts":1674706343.7511003,"logger":"http.acme_client","msg":"http request","method":"POST","url":"https://acme-v02.api.letsencrypt.org/acme/authz-v3/198284221207","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.6.2 CertMagic acmez (linux; arm64)"]},"response_headers":{"Boulder-Requester":["933905217"],"Cache-Control":["public, max-age=0, no-cache"],"Content-Length":["806"],"Content-Type":["application/json"],"Date":["Thu, 26 Jan 2023 04:12:23 GMT"],"Link":["<https://acme-v02.api.letsencrypt.org/directory>;rel=\"index\""],"Replay-Nonce":["1AAD4ciAuSq8F7kxZxAepkcOnIevxsKuRMMPoNy4aKPObZ4"],"Server":["nginx"],"Strict-Transport-Security":["max-age=604800"],"X-Frame-Options":["DENY"]},"status_code":200}
Please see caddy journalctl -u caddy --no-pager - Pastes.io for full log.
5. What I already tried:
I’ve tried slinging a bunch of things at the wall but nothing seems to stick
Uninstalled with apt remove caddy and re-installed via static binary and got same result.
Tried altering my port forwards in my router interface but realised that is not the issue as it does properly forward when sudo caddy start
is utilized.
Copied pki/authorities/local/root.crt
to /usr/local/share/ca-certificates/
and updated CA store with sudo update-ca-certificates
.
Deleted contents of /usr/local/share/ca-certificates/
and updated CA store with sudo update-ca-certificates --fresh
followed by reinstalling caddy with apt install caddy
.