Trying to get a simple response from curl

1. Caddy version (caddy version):

Caddy v2.2.1

2. How I run Caddy:

Run it as a service with caddy.service and systemctl on localhost

a. System environment:

Ubuntu 20.04 (LTS) x64, systemctl

b. Command:

I’m trying to just get a “hello world” to show up.

curl http://localhost
curl https://localhost

c. Service/unit/compose file:


  GNU nano 4.8                                                    /etc/systemd/system/caddy.service
# caddy.service
# For using Caddy with a config file.
# Make sure the ExecStart and ExecReload commands are correct
# for your installation.
# See for instructions.
# WARNING: This service does not use the --resume flag, so if you
# use the API to make changes, they will be overwritten by the
# Caddyfile next time the service is restarted. If you intend to
# use Caddy's API to configure it, add the --resume flag to the
# `caddy run` command or use the caddy-api.service file instead.


ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile


d. My complete Caddyfile or JSON config:


respond "Hello, world!"

3. The problem I’m having:

https shows error. http shows nothing, just a return

4. Error messages and/or full log output:

curl https://localhost shows:

curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here:

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.

and curl http://localhost show nothing

5. What I already tried:

Tried reloading after config changes: sudo systemctl reload caddy

6. Links to relevant resources:

Following tutorials here: Install — Caddy Documentation and Caddyfile Quick-start — Caddy Documentation

Caddy needs elevated privileges for local HTTPS to work automatically: Automatic HTTPS — Caddy Documentation

You can run caddy trust to do this manually (make sure to run as the same user as the system service, not your own user account), or install the root certificate into your trust stores manually as a last resort.

Thank you Matt. Can you elaborate on this line “make sure to run as the same user as the system service”. How do I figure out what user that is? I just did some googling and figured out I can run a command as a different user like sudo -u [different-user] caddy trust. Does that look right?

More or less, yeah. I usually use sudo -u caddy -H -s to start a shell as that user.

Thanks! I tried that and getting an error.

That might be fine, and due to limitations in the underlying library that does the trust operations.

Try curl again… if it still doesn’t work, just install the cert manually.

This topic was automatically closed after 30 days. New replies are no longer allowed.