Self-signed TLS doesn't work with proxy

(Stavros Korokithakis) #1

I have this very simple Caddyfile:

    {
        tls self_signed
        proxy / localhost:8080
    }

This produces TLS certificate errors in the browser (SSL_ERROR_INTERNAL_ERROR_ALERT, not just an “untrusted” message). Removing the proxy directive makes Caddy issue a proper self-signed cert with no errors.

(Matt Holt) #2

Which version of Caddy are you using? Or are you building from source?

(Stavros Korokithakis) #3

Sorry, I’m using the latest one on the site, 0.10.11, with just the stock free license option and no plugins.

(Matthew Fay) #4

Looks like, except for the fact that proxy is provoking the issue.

(Matt Holt) #5

Confirmed, but this is not affected by the proxy directive. That must be something else.

The next release will allow the use of IP addresses in self-signed certificates. As a workaround for now, use :443 as the site address, rather than using
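As an added illustration (not part of the thread and not Caddy's own code), this Go sketch shows what "IP addresses in self-signed certificates" means at the X.509 level: an IP literal has to be carried as an IP subjectAltName entry, and a certificate that only names a DNS host does not match a connection made to an IP. The function names `selfSigned` and `matches`, the address `192.0.2.10` and the name `example.test` are constructed for the example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"fmt"
	"math/big"
	"net"
	"time"
)

// selfSigned builds a short-lived self-signed certificate for host. An IP
// literal goes into the IP subjectAltName list, anything else into DNS names.
func selfSigned(host string) (*x509.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		NotBefore:    time.Now().Add(-time.Minute),
		NotAfter:     time.Now().Add(7 * 24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	if ip := net.ParseIP(host); ip != nil {
		tmpl.IPAddresses = []net.IP{ip}
	} else {
		tmpl.DNSNames = []string{host}
	}
	// Template is both subject and issuer, signed with its own key.
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// matches reports whether cert names host (a DNS name or an IP literal).
func matches(cert *x509.Certificate, host string) bool {
	return cert != nil && cert.VerifyHostname(host) == nil
}

func main() {
	ipCert, _ := selfSigned("192.0.2.10")    // constructed documentation address
	dnsCert, _ := selfSigned("example.test") // constructed name
	fmt.Println(matches(ipCert, "192.0.2.10"), matches(dnsCert, "192.0.2.10"))
}
```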

(Matt Holt) #6

For anyone following along at home, the fix is in