Trying to get a simple response from curl

dmikester1 · December 3, 2020, 4:53pm

1. Caddy version (`caddy version`):

Caddy v2.2.1

2. How I run Caddy:

Run it as a service with caddy.service and systemctl on localhost

a. System environment:

Ubuntu 20.04 (LTS) x64, systemctl

b. Command:

I’m trying to just get a “hello world” to show up.

curl http://localhost
curl https://localhost

c. Service/unit/compose file:

caddy.service

  GNU nano 4.8                                                    /etc/systemd/system/caddy.service
# caddy.service
#
# For using Caddy with a config file.
#
# Make sure the ExecStart and ExecReload commands are correct
# for your installation.
#
# See https://caddyserver.com/docs/install for instructions.
#
# WARNING: This service does not use the --resume flag, so if you
# use the API to make changes, they will be overwritten by the
# Caddyfile next time the service is restarted. If you intend to
# use Caddy's API to configure it, add the --resume flag to the
# `caddy run` command or use the caddy-api.service file instead.

[Unit]
Description=Caddy
Documentation=https://caddyserver.com/docs/
After=network.target network-online.target
Requires=network-online.target

[Service]
User=caddy
Group=caddy
ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile
TimeoutStopSec=5s
LimitNOFILE=1048576
LimitNPROC=512
PrivateTmp=true
ProtectSystem=full
AmbientCapabilities=CAP_NET_BIND_SERVICE

[Install]
WantedBy=multi-user.target

d. My complete Caddyfile or JSON config:

localhost

respond "Hello, world!"

3. The problem I’m having:

https shows error. http shows nothing, just a return

4. Error messages and/or full log output:

curl https://localhost shows:

curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: https://curl.haxx.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.

and curl http://localhost show nothing

5. What I already tried:

Tried reloading after config changes: sudo systemctl reload caddy

6. Links to relevant resources:

Following tutorials here: Install — Caddy Documentation and Caddyfile Quick-start — Caddy Documentation

matt · December 3, 2020, 5:04pm

Caddy needs elevated privileges for local HTTPS to work automatically: Automatic HTTPS — Caddy Documentation

You can run caddy trust to do this manually (make sure to run as the same user as the system service, not your own user account), or install the root certificate into your trust stores manually as a last resort.

dmikester1 · December 3, 2020, 5:43pm

Thank you Matt. Can you elaborate on this line “make sure to run as the same user as the system service”. How do I figure out what user that is? I just did some googling and figured out I can run a command as a different user like sudo -u [different-user] caddy trust. Does that look right?

matt · December 3, 2020, 6:26pm

More or less, yeah. I usually use sudo -u caddy -H -s to start a shell as that user.

dmikester1 · December 3, 2020, 6:59pm

Thanks! I tried that and getting an error.

matt · December 3, 2020, 11:52pm

That might be fine, and due to limitations in the underlying library that does the trust operations.

Try curl again… if it still doesn’t work, just install the cert manually.

system · January 2, 2021, 4:53pm

This topic was automatically closed after 30 days. New replies are no longer allowed.