1. Caddy version (caddy version
):
v2.3.0
2. How I run Caddy:
I run caddy as a service on a raspberry PI
a. System environment:
Installed as instructed on this site as a service in RPi 4
b. Command:
sudo caddy run
c. Service/unit/compose file:
paste full file contents here
d. My complete Caddyfile or JSON config:
service-1.nl {
reverse_proxy * http://192.168.3.201:5000
}
service-2.nl {
reverse_proxy * 192.168.3.200:31417
}
3. The problem I’m having:
On my network I run two synology servers, a home automation server and a wordpress website on one of the synology’s. I want to access them through different domains:
www.service-1.nl should lead to Synology 1 over http on 192.168.3.201:5000
www.service-2.nl should lead to Synology 2 over http on 192.168.3.200:31417
I don’t bother about the rest right now, as I can’t get this to work.
When I try to access the services, I get ERR_SSL_PROTOCOL_ERROR
4. Error messages and/or full log output:
pi@raspberrypi:~ $ sudo caddy run
2021/01/21 20:01:19.704 INFO using adjacent Caddyfile
2021/01/21 20:01:19.710 INFO admin admin endpoint started {"address": "tcp/localhost:2019", "enforce_origin": false, "origins": ["localhost:2019", "[::1]:2019", "127.0.0.1:2019"]}
2021/01/21 20:01:19.711 INFO tls.cache.maintenance started background certificate maintenance {"cache": "0x311ba40"}
2021/01/21 20:01:19.711 INFO http server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS {"server_name": "srv0", "https_port": 443}
2021/01/21 20:01:19.711 INFO http enabling automatic HTTP->HTTPS redirects {"server_name": "srv0"}
2021/01/21 20:01:19.713 INFO http enabling automatic TLS certificate management {"domains": ["service-1.nl", "service-2.nl"]}
2021/01/21 20:01:19.722 INFO autosaved config {"file": "/root/.config/caddy/autosave.json"}
2021/01/21 20:01:19.722 INFO serving initial configuration
2021/01/21 20:01:19.790 INFO tls cleaned up storage units
5. What I already tried:
I read through the tutorials and this forum for answers. I just found the wiki that was posted a little bit earlier, but couldn’t find the mistake. I can ping my the services from my phone, from inside and outside the network.
When I turn to http, it works:
http://www.service-1.nl {
reverse_proxy * http://192.168.3.201:5000
}
http://www.service-2.nl {
reverse_proxy * 192.168.3.200:31417
}
So there is something wrong in the certification process.