Safari fails on wifi in a cafe but not when I use my iPhone for the wifi

1. The problem I’m having:

What are you trying to do?

Get caddy working on Mac with all browsers using localhost and localhost subdomain.

Caddyfile:

```
# Caddyfile

{
	email xxx@gmail.com

	log {
		output stdout
		format console
		level DEBUG
	}

	admin :2019
}

# https://localhost

localhost {
	file_server {
		root {$CADDY_RUN_VAR_BROWSE_PATH}
		browse
	}
}

# https://hello.localhost

hello.localhost {
	respond "Hello world!"
}

# https://app.localhost

app.localhost {
	reverse_proxy {$CADDY_RUN_VAR_PROXY_PATH_PORT}
}

# https://wasm.localhost

wasm.localhost {
	respond "Hello world wasm !"
}
```

What isn’t working?

Safari is not working. FF and Chrome always work.

When I use the cafe wifi, Safari subdomains fail.
When I use my iPhone for the wifi, Safari works.
Under all conditions FF and Chrome work.

curl -vL https://app.localhost works always.

3. Caddy version:

master off GitHub.
darwin, arm64

4. How I installed and ran Caddy:

```
go build -tags=nobadger,nomysql,nopgx -trimpath -ldflags="-w -s" -v
```

a. System environment:

latest Mac.

b. Command:

caddy run --config /Users/apple/workspace/go/src/github.com/gedw99/kanka-cloudflare/modules/cadd-try/infogulch__xtemplate/…/…/.dep/caddy_config_caddyfile --adapter caddyfile --watch

c. Service/unit/compose file:

not using docker.


d. My complete Caddy config:


5. Links to relevant resources:

I need a way to work out why being on the wifi screws up caddy with Safari.

My end users run caddy on their Desktops as an edge network, and I need a way to diagnose what it is about the network that screws it up for Safari.

Your certificate for localhost would be self-signed and Safari wouldn’t trust it unless you added Caddy’s CA certificate to the certificate store. You should have also gotten warnings about this in other browsers.

@hmoffatt is correct. Automatic HTTPS with localhost will show security errors unless it trusts Caddy’s root CA certificate. Local HTTPS does not use ACME nor does it perform any DNS validation. It works only on the local machine and is trusted only where the CA’s root certificate is installed.

The easy way to work around this is to use a free domain provider like DuckDNS instead of localhost, which will allow clients to automatically trust the certificate. If you’d like help setting that up, let me know. Otherwise, manual installation is necessary.
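
A way to check the trust chain described in the replies without involving any browser, as an added example that is not part of the original thread. It assumes Caddy's default macOS data directory for the local root certificate, a listener on 127.0.0.1:443, and `openssl` on the PATH; the function names are hypothetical.

```shell
#!/usr/bin/env bash
# Added example (not from the thread). Assumes Caddy's default macOS data
# directory and the site names from the Caddyfile in the question.
CADDY_ROOT="${CADDY_ROOT:-$HOME/Library/Application Support/Caddy/pki/authorities/local/root.crt}"

# Extract the numeric "Verify return code" from `openssl s_client` output on stdin.
verify_code() {
  sed -n 's/^ *Verify return code: \([0-9][0-9]*\) .*/\1/p' | head -n 1
}

# Translate an OpenSSL verify code into what it means for a local-HTTPS site.
explain_code() {
  case "$1" in
    0)     echo "trusted: chain verifies against the given root" ;;
    18|19) echo "untrusted: self-signed chain, root not trusted by this store" ;;
    20|21) echo "untrusted: issuer not found, wrong or missing root CA" ;;
    10)    echo "expired: certificate is past its validity period" ;;
    "")    echo "no-handshake: no TLS session was established" ;;
    *)     echo "failed: OpenSSL verify code $1" ;;
  esac
}

# Handshake with the local listener (SNI = site name) and verify the served
# chain against Caddy's root, independent of DNS and of any browser.
check_host() {
  out=$(openssl s_client -connect 127.0.0.1:443 -servername "$1" \
        -CAfile "$CADDY_ROOT" </dev/null 2>/dev/null || true)
  printf '%-18s %s\n' "$1" "$(explain_code "$(printf '%s\n' "$out" | verify_code)")"
}

# macOS only: ask the system trust settings (what Safari uses) about the root.
check_keychain() {
  command -v security >/dev/null 2>&1 || { echo "keychain: not macOS, skipped"; return 0; }
  if security verify-cert -c "$CADDY_ROOT" >/dev/null 2>&1; then
    echo "keychain: Caddy root is trusted"
  else
    echo "keychain: Caddy root is NOT trusted (run: caddy trust)"
  fi
}

# Run the checks only when site names are passed on the command line.
if [ "$#" -gt 0 ]; then
  for h in "$@"; do check_host "$h"; done
  check_keychain
fi
```

Saved under a name of your choice, it is run with the site names as arguments, for example `hello.localhost app.localhost`.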
