This site can’t provide a secure connection

First of all, the site search isn’t working for me with my Chromium Version 67.0.3396.99 (Official Build) Built on Ubuntu , running on Ubuntu 18.04 (64-bit)
So I’m sorry if it has been asked before.

The thing is, I’ve been following the excellent article
from Installing Caddy Server on Ubuntu
word for word, but I can’t get HTTPS working for any obvious reasons.

So let me walk my attempts step by step here.

Step 2: Testing Your Website

Yeah, I got that step right – I can visit localhost:2015 and see my own Website.

Step 3 : Setting up HTTPS

This is where I’m having trouble. Here are the detailed logs, with everything real…

… content dramatically remove in order to survive the 4-link max new user posing rule …

caddy -host

Everything looks good when visiting my site ( via HTTP:

I can see

404 Site is not served on this interface

which I presume is served from/by caddy.

Now, when visiting my site with HTTPS,, I get:

This site can’t provide a secure connection sent an invalid response.

What’s wrong?
Is it that caddy doesn’t support visiting sites by IP?


Hey @xpt, welcome to the Caddy community.

You can put your content in code blocks (triple backticks, ```) and they won’t count as links. This makes Caddyfiles, logs, etc. much easier to read, too.

Caddy’s not serving requests for the hostname, it’s serving This is why you get this response:

404 Site is not served on this interface

Instead of, say, file not found.

Now, when it comes time to check HTTPS, one thing you should know right off the bat is that outside of, you’ll rarely/never see valid HTTPS certificates issued for IP addresses. LetsEncrypt definitely won’t, so unless you get one through your own methods and provide it, Caddy can’t serve an IP address with valid HTTPS. In fact, using an IP address as the hostname for your site will disable Automatic HTTPS.

The other thing you should know is that if Caddy receives a HTTPS request for a site it doesn’t serve, it will refuse to send a HTTPS certificate, which will break TLS negotiation and cause your browser to show an error.

Now you’ve got, realistically, two options:

  1. Start browsing to instead of your IP.
  2. Change your Caddyfile to serve your IP address with a self-signed certificate.

The latter looks like this: {
  tls self_signed

Or, if you’re not using a Caddyfile, you can invoke Caddy like this to achieve the same result:

caddy -host "tls self_signed"

This still won’t be valid, but Caddy will serve the site when you browse to, so you’ll need to click through a browser warning about the invalid certificate.

1 Like

Thank you @Whitestrake for your extremely comprehensive explanation.

Now I felt guilty for not having posted the full log, which shows that everything looks good from the log.

… (no) valid HTTPS certificates issued for IP addresses…using an IP address as the hostname for your site will disable Automatic HTTPS

Gotya. THX a lot!

1 Like

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.