Simple reverser proxy returning SSL_ERROR_INTERNAL_ERROR_ALERT

1. The problem I’m having:

In our company, I have an Ubuntu server that is not visible from the internet and until recently could only be accessed on port 22. I want to use it for local testing of webapps and therefore asked for ports 80 and 443 to be open.
As a minimal test, I run python -m http.server 8080 and then test port 80 with sudo caddy reverse-proxy --from :80 --to :8080 - this works.
However, where I try port 443 with sudo caddy reverse-proxy --to :8080, I get SSL_ERROR_INTERNAL_ERROR_ALERT in my browser.
Using curl -vL https://or-miniserver.sintef.no returns:

* Host or-miniserver.sintef.no:443 was resolved.
* IPv6: (none)
* IPv4: 10.218.6.71
*   Trying 10.218.6.71:443...
* Connected to or-miniserver.sintef.no (10.218.6.71) port 443
* schannel: disabled automatic use of client certificate
* ALPN: curl offers http/1.1
* schannel: next InitializeSecurityContext failed: SEC_E_ILLEGAL_MESSAGE (0x80090326) - This error usually occurs when a fatal SSL/TLS alert is received (e.g. handshake failed). More detail may be available in the Windows System event log.
* closing connection #0
curl: (35) schannel: next InitializeSecurityContext failed: SEC_E_ILLEGAL_MESSAGE (0x80090326) - This error usually occurs when a fatal SSL/TLS alert is received (e.g. handshake failed). More detail may be available in the Windows System event log.

What am I missing? (This is the first time I am trying Caddy…)

2. Error messages and/or full log output:

Log from the terminal:

$ sudo caddy reverse-proxy --to :8080
2025/04/30 08:34:10.400 WARN    admin   admin endpoint disabled
2025/04/30 08:34:10.400 INFO    http.auto_https server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS {"server_name": "proxy", "https_port": 443}
2025/04/30 08:34:10.400 INFO    http.auto_https enabling automatic HTTP->HTTPS redirects        {"server_name": "proxy"}
2025/04/30 08:34:10.400 INFO    tls.cache.maintenance   started background certificate maintenance      {"cache": "0xc0004b4780"}
2025/04/30 08:34:10.401 INFO    pki.ca.local    root certificate is already trusted by system   {"path": "storage:pki/authorities/local/root.crt"}
2025/04/30 08:34:10.401 INFO    http    enabling HTTP/3 listener        {"addr": ":443"}
2025/04/30 08:34:10.401 INFO    http.log        server running  {"name": "proxy", "protocols": ["h1", "h2", "h3"]}
2025/04/30 08:34:10.401 WARN    http    HTTP/2 skipped because it requires TLS  {"network": "tcp", "addr": ":80"}
2025/04/30 08:34:10.401 WARN    http    HTTP/3 skipped because it requires TLS  {"network": "tcp", "addr": ":80"}
2025/04/30 08:34:10.401 INFO    http.log        server running  {"name": "remaining_auto_https_redirects", "protocols": ["h1", "h2", "h3"]}
2025/04/30 08:34:10.401 INFO    http    enabling automatic TLS certificate management   {"domains": ["localhost"]}
2025/04/30 08:34:10.401 INFO    caddy proxying  {"from": "https://localhost", "to": [":8080"]}
2025/04/30 08:34:10.405 INFO    tls     storage cleaning happened too recently; skipping for now        {"storage": "FileStorage:/root/.local/share/caddy", "instance": "4482d726-f6ad-4a1d-9a82-f8d87d0d8e76", "try_again": "2025/05/01 08:34:10.405", "try_again_in": 86399.999999728}
2025/04/30 08:34:10.405 INFO    tls     finished cleaning storage units

3. Caddy version:

v2.10.0 h1:fonubSaQKF1YANl8TXqGcn4IbIRUDdfAkpcsfI/vX5U=

4. How I installed and ran Caddy:

a. System environment:

Ubuntu 22.04.5 LTS, on bare metal
Installed from PPA, following instructions from [Install — Caddy Documentation]

b. Command:

sudo caddy reverse-proxy --to :8080

c. Service/unit/compose file:

N/A

d. My complete Caddy config:

No config file

5. Links to relevant resources: