Thank you,
I got a lot further, but as a beginner, I still have some issue. curl-command opens a websocket connection with wss://caddy.local/ws
but not with https://caddy.local/ws
nor caddy local/ws
. caddy.local
does not request websocket
and works fine.
Caddyfile trial
caddy.local {
@websockets {
header Connection *Upgrade*
header Upgrade websocket
}
reverse_proxy @websockets http://127.0.0.1:8000
reverse_proxy http://127.0.0.1:8000
log {
output file caddy_log.json
format json
# level <level>
}
}
server side
@app.websocket("/ws")
async def websocket_endpoint(websocket: WebSocket):
print('server waiting websocket')
await websocket.accept()
print('accepted')
while True:
...
Three curl -vL tests
success: curl -vL caddy.local
* Host caddy.local:80 was resolved.
* IPv6: (none)
* IPv4: 127.0.0.3
* Trying 127.0.0.3:80...
* Connected to caddy.local (127.0.0.3) port 80
* using HTTP/1.x
> GET / HTTP/1.1
> Host: caddy.local
> User-Agent: curl/8.12.1
> Accept: */*
>
* Request completely sent off
< HTTP/1.1 308 Permanent Redirect
< Connection: close
< Location: https://caddy.local/
< Server: Caddy
< Date: Tue, 01 Apr 2025 10:19:38 GMT
< Content-Length: 0
<
* shutting down connection #0
* Clear auth, redirects to port from 80 to 443
* Issue another request to this URL: 'https://caddy.local/'
* Host caddy.local:443 was resolved.
* IPv6: (none)
* IPv4: 127.0.0.3
* Trying 127.0.0.3:443...
* ALPN: curl offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256 / x25519 / id-ecPublicKey
* ALPN: server accepted h2
* Server certificate:
* subject:
* start date: Apr 1 05:41:37 2025 GMT
* expire date: Apr 1 17:41:37 2025 GMT
* subjectAltName: host "caddy.local" matched cert's "caddy.local"
* issuer: CN=Caddy Local Authority - ECC Intermediate
* SSL certificate verify ok.
* Certificate level 0: Public key type EC/prime256v1 (256/128 Bits/secBits), signed using ecdsa-with-SHA256
* Certificate level 1: Public key type EC/prime256v1 (256/128 Bits/secBits), signed using ecdsa-with-SHA256
* Certificate level 2: Public key type EC/prime256v1 (256/128 Bits/secBits), signed using ecdsa-with-SHA256
* Connected to caddy.local (127.0.0.3) port 443
* using HTTP/2
* [HTTP/2] [1] OPENED stream for https://caddy.local/
* [HTTP/2] [1] [:method: GET]
* [HTTP/2] [1] [:scheme: https]
* [HTTP/2] [1] [:authority: caddy.local]
* [HTTP/2] [1] [:path: /]
* [HTTP/2] [1] [user-agent: curl/8.12.1]
* [HTTP/2] [1] [accept: */*]
> GET / HTTP/2
> Host: caddy.local
> User-Agent: curl/8.12.1
> Accept: */*
>
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* Request completely sent off
< HTTP/2 200
< alt-svc: h3=":443"; ma=2592000
< content-type: application/json
< date: Tue, 01 Apr 2025 10:19:38 GMT
< server: Caddy
< server: uvicorn
< content-length: 37
<
* Connection #1 to host caddy.local left intact
{"message":"Slideshow in /slideshow"}```
FAIL curl -vL caddy.local/ws
* Host caddy.local:80 was resolved.
* IPv6: (none)
* IPv4: 127.0.0.3
* Trying 127.0.0.3:80...
* Connected to caddy.local (127.0.0.3) port 80
* using HTTP/1.x
> GET /ws HTTP/1.1
> Host: caddy.local
> User-Agent: curl/8.12.1
> Accept: */*
>
* Request completely sent off
< HTTP/1.1 308 Permanent Redirect
< Connection: close
< Location: https://caddy.local/ws
< Server: Caddy
< Date: Tue, 01 Apr 2025 10:23:36 GMT
< Content-Length: 0
<
* shutting down connection #0
* Clear auth, redirects to port from 80 to 443
* Issue another request to this URL: 'https://caddy.local/ws'
* Host caddy.local:443 was resolved.
* IPv6: (none)
* IPv4: 127.0.0.3
* Trying 127.0.0.3:443...
* ALPN: curl offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256 / x25519 / id-ecPublicKey
* ALPN: server accepted h2
* Server certificate:
* subject:
* start date: Apr 1 05:41:37 2025 GMT
* expire date: Apr 1 17:41:37 2025 GMT
* subjectAltName: host "caddy.local" matched cert's "caddy.local"
* issuer: CN=Caddy Local Authority - ECC Intermediate
* SSL certificate verify ok.
* Certificate level 0: Public key type EC/prime256v1 (256/128 Bits/secBits), signed using ecdsa-with-SHA256
* Certificate level 1: Public key type EC/prime256v1 (256/128 Bits/secBits), signed using ecdsa-with-SHA256
* Certificate level 2: Public key type EC/prime256v1 (256/128 Bits/secBits), signed using ecdsa-with-SHA256
* Connected to caddy.local (127.0.0.3) port 443
* using HTTP/2
* [HTTP/2] [1] OPENED stream for https://caddy.local/ws
* [HTTP/2] [1] [:method: GET]
* [HTTP/2] [1] [:scheme: https]
* [HTTP/2] [1] [:authority: caddy.local]
* [HTTP/2] [1] [:path: /ws]
* [HTTP/2] [1] [user-agent: curl/8.12.1]
* [HTTP/2] [1] [accept: */*]
> GET /ws HTTP/2
> Host: caddy.local
> User-Agent: curl/8.12.1
> Accept: */*
>
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* Request completely sent off
< HTTP/2 404
< alt-svc: h3=":443"; ma=2592000
< content-type: application/json
< date: Tue, 01 Apr 2025 10:23:36 GMT
< server: Caddy
< server: uvicorn
< content-length: 22
<
* Connection #1 to host caddy.local left intact
{"detail":"Not Found"}
SUCCESS (?) curl -vL wss://caddy.local/ws
* Host caddy.local:443 was resolved.
* IPv6: (none)
* IPv4: 127.0.0.3
* Trying 127.0.0.3:443...
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256 / x25519 / id-ecPublicKey
* Server certificate:
* subject:
* start date: Apr 1 05:41:37 2025 GMT
* expire date: Apr 1 17:41:37 2025 GMT
* subjectAltName: host "caddy.local" matched cert's "caddy.local"
* issuer: CN=Caddy Local Authority - ECC Intermediate
* SSL certificate verify ok.
* Certificate level 0: Public key type EC/prime256v1 (256/128 Bits/secBits), signed using ecdsa-with-SHA256
* Certificate level 1: Public key type EC/prime256v1 (256/128 Bits/secBits), signed using ecdsa-with-SHA256
* Certificate level 2: Public key type EC/prime256v1 (256/128 Bits/secBits), signed using ecdsa-with-SHA256
* Connected to caddy.local (127.0.0.3) port 443
* using HTTP/1.x
> GET /ws HTTP/1.1
> Host: caddy.local
> User-Agent: curl/8.12.1
> Accept: */*
> Upgrade: websocket
> Connection: Upgrade
> Sec-WebSocket-Version: 13
> Sec-WebSocket-Key: MrU33WLxUqqVRKYeqBhiKQ==
>
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* Request completely sent off
< HTTP/1.1 101 Switching Protocols
< Alt-Svc: h3=":443"; ma=2592000
< Connection: Upgrade
< Date: Tue, 01 Apr 2025 10:27:56 GMT
< Sec-WebSocket-Accept: AQjQteJFysFB0hERbbVO8ZYngGY=
< Server: Caddy
< Server: uvicorn
< Upgrade: websocket
<
* Received 101, switch to WebSocket; mask 78194a98
* WS: auto-respond to PING with a PONG
* WS-ENC: sending [PONG payload=0/4]
* WS-ENC: buffered [PONG payload=4/4]
* WS: flushed 10 bytes