1. My Caddy version (caddy -version): Caddy v1.0.4
2. How I run Caddy:
a. System environment: FreeNas Jail - FreeBSD Version 11.2-RELEASE-p6
b. Command: service caddy start
d. My complete Caddyfile:
foo.site {
    root /usr/local/www/foo.site
    tls {
        dns namecheap
    }
}
http://plex.foo.site {
    proxy / 192.168.1.102:32400 {
        transparent
    }
    tls {
        dns namecheap
    }
}
http://nextcloud.foo.site {
    proxy / 192.168.1.103 {
        transparent
    }
    tls {
        dns namecheap
    }
}
http://shinobi.foo.site {
    proxy / 192.168.1.104:8080 {
        transparent
        websocket
    }
    tls {
        dns namecheap
    }
}
3. The problem I’m having:
I am successfully hosting Caddy inside a FreeNas jail. I’m able to run a locally served file system website at the address “foo.site”. Caddy is able to successfully register an SSL certificate for this site. I also reverse proxy to three other sites, which are subdomains of “foo.site”. However, when attempting to remove “http://” from the Caddy file to initiate the SSL certificate registration and creation process, I receive an error in the caddy.log file:
4. Error messages and/or full log output:
2020/01/08 07:36:27 [INFO] [shinobi.foo.site] acme: Obtaining bundled SAN certificate
2020/01/08 07:36:27 [INFO] [shinobi.foo.site] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/2176895688
2020/01/08 07:36:27 [INFO] [shinobi.foo.site] acme: Could not find solver for: tls-alpn-01
2020/01/08 07:36:27 [INFO] [shinobi.foo.site] acme: Could not find solver for: http-01
2020/01/08 07:36:27 [INFO] [shinobi.foo.site] acme: use dns-01 solver
2020/01/08 07:36:27 [INFO] [shinobi.foo.site] acme: Preparing to solve DNS-01
2020/01/08 07:36:27 [INFO] [shinobi.foo.site] acme: Cleaning DNS-01 challenge
2020/01/08 07:36:28 [WARN] [shinobi.foo.site] acme: error cleaning up: namecheap: Invalid request IP: 70.110.180.2 [1011150]
2020/01/08 07:36:28 [INFO] Deactivating auth: https://acme-v02.api.letsencrypt.org/acme/authz-v3/2176895688
2020/01/08 07:36:28 [ERROR][shinobi.foo.site] failed to obtain certificate: acme: Error -> One or more domains had a problem:
[shinobi.foo.site] [shinobi.foo.site] acme: error presenting token: namecheap: Invalid request IP: 70.110.180.2 [1011150] (attempt 3/3; challenge=dns-01)
2020/01/08 07:36:29 failed to obtain certificate: acme: Error -> One or more domains had a problem:
[shinobi.foo.site] [shinobi.foo.site] acme: error presenting token: namecheap: Invalid request IP: 70.110.180.2 [1011150]
5. What I already tried:
Since the root domain for the locally hosted site is working properly, I know that both Caddy and the included NameCheap plugin are working correctly.
I believe my local network’s DNS server is providing the correct DNS record to Caddy:
nslookup shinobi.foo.site
Server: DD-WRT
Address: 192.168.1.1
Name: shinobi.foo.site
Address: 70.110.180.2
In addition, I believe my NameCheap “Advanced DNS” configuration has been set up properly. I have no problems accessing any of the sites when outside of my local network:
Type      Host       Value         TTL
A Record  @          70.110.180.2  Automatic
A Record  nextcloud  70.110.180.2  Automatic
A Record  plex       70.110.180.2  Automatic
A Record  shinobi    70.110.180.2  Automatic
Ideally, I’d prefer it if I could configure Caddy to register a Wild Card Certificate for foo.site, and then have that used to secure all of the *.foo.site subdomains… but I have no idea if this is possible.
Any guidance or assistance anyone can provide will be greatly appreciated. Thanks very much!
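
An added example, not part of the original post and not Caddy's own code: a short Python triage of the caddy.log lines quoted above. It separates the ACME challenge types that were skipped or used from errors returned by the DNS provider's API, and flags failures that occurred while the TXT record was being written. The function names and the report layout are assumptions made for this illustration.

```python
import re

# Constructed sample: lines taken from the caddy.log excerpt quoted in the post.
SAMPLE_LOG = """\
2020/01/08 07:36:27 [INFO] [shinobi.foo.site] acme: Could not find solver for: tls-alpn-01
2020/01/08 07:36:27 [INFO] [shinobi.foo.site] acme: Could not find solver for: http-01
2020/01/08 07:36:27 [INFO] [shinobi.foo.site] acme: use dns-01 solver
2020/01/08 07:36:28 [WARN] [shinobi.foo.site] acme: error cleaning up: namecheap: Invalid request IP: 70.110.180.2 [1011150]
2020/01/08 07:36:28 [ERROR][shinobi.foo.site] failed to obtain certificate: acme: Error -> One or more domains had a problem:
[shinobi.foo.site] [shinobi.foo.site] acme: error presenting token: namecheap: Invalid request IP: 70.110.180.2 [1011150] (attempt 3/3; challenge=dns-01)
"""

# Hypothetical helper patterns; they match only the message shapes seen in the log above.
DOMAIN = r"\[(?P<domain>[^\]\s]+)\] acme: "
SKIPPED = re.compile(DOMAIN + r"Could not find solver for: (?P<challenge>[\w-]+)")
USED = re.compile(DOMAIN + r"use (?P<challenge>[\w-]+) solver")
PROVIDER_ERR = re.compile(
    DOMAIN + r"error (?P<phase>presenting token|cleaning up): "
    r"(?P<provider>\w+): (?P<text>[^\[]+?) \[(?P<code>\d+)\]")

def triage(log_text):
    """Group ACME solver choices and DNS-provider API errors by domain."""
    report = {}
    for line in log_text.splitlines():
        for kind, pattern in (("skipped", SKIPPED), ("used", USED), ("error", PROVIDER_ERR)):
            m = pattern.search(line)
            if not m:
                continue
            entry = report.setdefault(
                m["domain"], {"skipped": [], "used": None, "provider_errors": set()})
            if kind == "skipped":
                entry["skipped"].append(m["challenge"])
            elif kind == "used":
                entry["used"] = m["challenge"]
            else:
                entry["provider_errors"].add(
                    (m["phase"], m["provider"], m["text"], m["code"]))
    return report

def failed_before_validation(entry):
    """True when the provider API rejected the TXT-record write ("presenting token"),
    i.e. the challenge never reached the point where the CA checks DNS."""
    return any(phase == "presenting token" for phase, *_ in entry["provider_errors"])

if __name__ == "__main__":
    for domain, entry in triage(SAMPLE_LOG).items():
        print(domain, entry, "failed_before_validation =", failed_before_validation(entry))
```

Repeated log lines for the same failure collapse into one entry per (phase, provider, message, code), so retries do not inflate the report.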