1. Caddy version (caddy version
):
v2.4.6 h1:HGkGICFGvyrodcqOOclHKfvJC0qTU7vny/7FhYp9hNw=
2. How I run Caddy:
Standard Ubuntu package, through systemd.
a. System environment:
Ubuntu 20.04.3 LTS
Linux app 5.4.0-90-generic #101-Ubuntu SMP Fri Oct 15 20:00:55 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
through systemd
b. Command:
from the package
c. Service/unit/compose file:
from the package
d. My complete Caddyfile or JSON config:
Caddyfile:
{
email "foo@domainx.com"
acme_ca "https://acme-staging-v02.api.letsencrypt.org/directory"
}
import snippets/*
laravel "domainx.com" "/home/tcurdt/web"
Snippet:
(laravel) {
{args.0} {
root * {args.1}/public
encode zstd gzip
file_server
tls internal
}
}
3. The problem I’m having:
The domain has not been modified to point to the IP yet. TLS is configured to be using the internal CA. So I only expect a self-signed cert until I change the DNS entry and remove the tls internal
. Now I want to test the site.
I am trying to connect with curl
but get an “internal error” on the TLS HELLO.
$ curl -vk --resolve domainx.com:443:23.88.46.20 https://domainx.com
* Added domainx.com:443:23.88.46.20 to DNS cache
* Hostname domainx.com was found in DNS cache
* Trying 23.88.46.20:443...
* Connected to domainx.com (23.88.46.20) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/cert.pem
* CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS alert, internal error (592):
* error:14004438:SSL routines:CONNECT_CR_SRVR_HELLO:tlsv1 alert internal error
* Closing connection 0
curl: (35) error:14004438:SSL routines:CONNECT_CR_SRVR_HELLO:tlsv1 alert internal error
What am I missing here?
4. Error messages and/or full log output:
see above
5. What I already tried:
see above
6. Links to relevant resources:
none