TLS: error reading preface from client

Hi Matt et al,

In reference to an older issue, Error reading preface from client - #2 by jacob

Hi, I’m a maintainer of https://github.com/swarmstack/swarmstack, which uses Caddy. At the time of the above issue, it was mentioned that there were no known ill side-effects. I’m facing an issue with the reauth module, and wondering if this might be the culprit. When adding the “failure” line below, HTTPS connections to the Caddy port/path log the output (bottom), and immediately the redirect occurs (successfully). No authentication dialog is presented first. If I remove the failure line, authentication occurs normally. However, if the authentication fails (user mistypes credentials) then a Caddy server error is encountered. I’d like to instead redirect them to the page to attempt the authentication again (or if unsupported behavior then just redirect the user to a static page).

:9090 {
    tls self_signed
    errors stderr

    reauth {
        path /
        ldap url=ldaps://REMOVED(objectClass=user)(uid=%s))"
        failure redirect target=https://somehost.example.com/?redir={uri}/,code=303
    }
    proxy / prometheus:9090 {
        transparent
    }
}

swarmstack_caddy.1.qvk7ufy3y4t5@swarm02.example.com | 2018/10/18 15:46:12 http2: server: error reading preface from client 10.255.0.2:52215: remote error: tls: bad certificate
swarmstack_caddy.1.qvk7ufy3y4t5@swarm02.example.com | 2018/10/18 15:47:32 http2: server: error reading preface from client 10.255.0.2:52234: remote error: tls: bad certificate

Hi @Mike_Holloway,

While someone might be able to help you with this here, your best bet would be to bring this to the author of the reauth plugin.

Thanks Whitestrake, link for search: [ldap] Trying to log in with unknown user yields error 500 · Issue #19 · freman/caddy-reauth · GitHub
