Unable to certify or access only www with redirect

Jorik_Chase · January 24, 2024, 11:06pm

1. The problem I’m having:

Hello, I’m running an Elixir Phoenix app on ports 4000 and 4001 and use flashtones.cz and zsprodeti.cz reverse proxy for main websites.

I then redirect six other domains to specific paths on zsprodeti.cz
As in zsplavani.cz should open zsprodeti.cz/zs/plavani

At this moment, the redirects and reverse proxies work only without www._____

when entering www.zsplavani.cz only the hosting portal landing page appears.

All the domains have the same DNS records with (A)ip4, (AAAA)ip6 and CAA letsencrypt org

2. Error messages and/or full log output:

Caddyfile:

{
        email adminEmail@gmail.com
        debug
}
flashtones.cz {
        reverse_proxy http://::1:4001
}
zsprodeti.cz, www.zsprodeti.cz {
        reverse_proxy http://::1:4000
}
zsdoma.cz {
        redir https://zsprodeti.cz/zs/doma 301
}
www.zsdoma.cz {
        redir https://zsdoma.cz{uri}
}
zslyzovani.cz {
        redir https://zsprodeti.cz/zs/lyzovani 301
}
zsacademy.cz {
        redir https://zsprodeti.cz/zs/academy 301
}
zsenviro.cz {
        redir https://zsprodeti.cz/zs/enviro 301
}
zsvylety.cz {
        redir https://zsprodeti.cz/zs/vylety 301
}
zsplavani.cz {
        redir https://zsprodeti.cz/zs/plavani 301
}
www.zsplavani.cz {
        redir https://zsplavani.cz{uri}
}

Caddyfile-debug terminal output:

2024/01/25 01:49:59.375 INFO    using adjacent Caddyfile
2024/01/25 01:49:59.380 INFO    admin   admin endpoint started  {"address": "localhost:2019", "enforce_origin": false, "origins": ["//localhost:2019", "//[::1]:2019", "//127.0.0.1:2019"]}
2024/01/25 01:49:59.381 INFO    tls.cache.maintenance   started background certificate maintenance      {"cache": "0xc000451e00"}
2024/01/25 01:49:59.381 INFO    http.auto_https server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS  {"server_name": "srv0", "https_port": 443}
2024/01/25 01:49:59.382 INFO    http.auto_https enabling automatic HTTP->HTTPS redirects        {"server_name": "srv0"}
2024/01/25 01:49:59.382 DEBUG   http.auto_https adjusted config {"tls": {"automation":{"policies":[{"subjects":["www.zsprodeti.cz","zsprodeti.cz","www.zsplavani.cz","flashtones.cz","www.zsdoma.cz","zslyzovani.cz","zsacademy.cz","zsplavani.cz","zsenviro.cz","zsvylety.cz","zsdoma.cz"]},{}]}}, "http": {"servers":{"remaining_auto_https_redirects":{"listen":[":80"],"routes":[{},{}]},"srv0":{"listen":[":443"],"routes":[{"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"reverse_proxy","upstreams":[{"dial":"[::1]:4000"}]}]}]}],"terminal":true},{"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"static_response","headers":{"Location":["https://zsplavani.cz{http.request.uri}"]},"status_code":302}]}]}],"terminal":true},{"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"reverse_proxy","upstreams":[{"dial":"[::1]:4001"}]}]}]}],"terminal":true},{"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"static_response","headers":{"Location":["https://zsdoma.cz{http.request.uri}"]},"status_code":302}]}]}],"terminal":true},{"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"static_response","headers":{"Location":["https://zsprodeti.cz/zs/lyzovani"]},"status_code":301}]}]}],"terminal":true},{"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"static_response","headers":{"Location":["https://zsprodeti.cz/zs/academy"]},"status_code":301}]}]}],"terminal":true},{"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"static_response","headers":{"Location":["https://zsprodeti.cz/zs/plavani"]},"status_code":301}]}]}],"terminal":true},{"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"static_response","headers":{"Location":["https://zsprodeti.cz/zs/enviro"]},"status_code":301}]}]}],"terminal":true},{"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"static_response","headers":{"Location":["https://zsprodeti.cz/zs/vylety"]},"status_code":301}]}]}],"terminal":true},{"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"static_response","headers":{"Location":["https://zsprodeti.cz/zs/doma"]},"status_code":301}]}]}],"terminal":true}],"tls_connection_policies":[{}],"automatic_https":{}}}}}
2024/01/25 01:49:59.383 DEBUG   http    starting server loop    {"address": "[::]:80", "tls": false, "http3": false}
2024/01/25 01:49:59.383 INFO    http.log        server running  {"name": "remaining_auto_https_redirects", "protocols": ["h1", "h2", "h3"]}
2024/01/25 01:49:59.383 INFO    http    enabling HTTP/3 listener        {"addr": ":443"}
2024/01/25 01:49:59.383 DEBUG   http    starting server loop    {"address": "[::]:443", "tls": true, "http3": true}
2024/01/25 01:49:59.383 INFO    http.log        server running  {"name": "srv0", "protocols": ["h1", "h2", "h3"]}
2024/01/25 01:49:59.383 INFO    http    enabling automatic TLS certificate management   {"domains": ["zsvylety.cz", "www.zsdoma.cz", "flashtones.cz", "zslyzovani.cz", "zsacademy.cz", "zsdoma.cz", "zsprodeti.cz", "www.zsplavani.cz", "zsplavani.cz", "www.zsprodeti.cz", "zsenviro.cz"]}
2024/01/25 01:49:59.384 DEBUG   tls     loading managed certificate     {"domain": "zsvylety.cz", "expiration": "2024/04/22 17:33:19.000", "issuer_key": "acme-v02.api.letsencrypt.org-directory", "storage": "FileStorage:/root/.local/share/caddy"}
2024/01/25 01:49:59.384 DEBUG   tls.cache       added certificate to cache      {"subjects": ["zsvylety.cz"], "expiration": "2024/04/22 17:33:19.000", "managed": true, "issuer_key": "acme-v02.api.letsencrypt.org-directory", "hash": "634d6a5ad2cc04f4da5f592280f3c08e291ab14c5838887ead9418085fb17fd3", "cache_size": 1, "cache_capacity": 10000}
2024/01/25 01:49:59.384 DEBUG   events  event   {"name": "cached_managed_cert", "id": "3b94aef7-a1bc-40fd-895c-d24bb847e807", "origin": "tls", "data": {"sans":["zsvylety.cz"]}}
2024/01/25 01:49:59.385 DEBUG   tls     loading managed certificate     {"domain": "flashtones.cz", "expiration": "2024/04/18 13:52:50.000", "issuer_key": "acme-v02.api.letsencrypt.org-directory", "storage": "FileStorage:/root/.local/share/caddy"}
2024/01/25 01:49:59.385 DEBUG   tls.cache       added certificate to cache      {"subjects": ["flashtones.cz"], "expiration": "2024/04/18 13:52:50.000", "managed": true, "issuer_key": "acme-v02.api.letsencrypt.org-directory", "hash": "2103aa8280263f914afaee7396199b7f24f6dfdf38d30c8cc4653b34eb0a791e", "cache_size": 2, "cache_capacity": 10000}
2024/01/25 01:49:59.385 DEBUG   events  event   {"name": "cached_managed_cert", "id": "8ab2b32a-6e77-4b4d-9eda-85e926153adf", "origin": "tls", "data": {"sans":["flashtones.cz"]}}
2024/01/25 01:49:59.385 INFO    tls.obtain      acquiring lock  {"identifier": "www.zsdoma.cz"}
2024/01/25 01:49:59.385 DEBUG   tls     loading managed certificate     {"domain": "zslyzovani.cz", "expiration": "2024/04/22 15:49:30.000", "issuer_key": "acme-v02.api.letsencrypt.org-directory", "storage": "FileStorage:/root/.local/share/caddy"}
2024/01/25 01:49:59.386 DEBUG   tls.cache       added certificate to cache      {"subjects": ["zslyzovani.cz"], "expiration": "2024/04/22 15:49:30.000", "managed": true, "issuer_key": "acme-v02.api.letsencrypt.org-directory", "hash": "5d2b7f3a99ffcfe7eb83e37a49596c46564549199617e4d3f53d585c11a7950b", "cache_size": 3, "cache_capacity": 10000}
2024/01/25 01:49:59.386 DEBUG   events  event   {"name": "cached_managed_cert", "id": "ed004a37-c0e6-4652-ba71-0ca7a380124a", "origin": "tls", "data": {"sans":["zslyzovani.cz"]}}
2024/01/25 01:49:59.389 DEBUG   tls     loading managed certificate     {"domain": "zsacademy.cz", "expiration": "2024/04/22 17:02:12.000", "issuer_key": "acme-v02.api.letsencrypt.org-directory", "storage": "FileStorage:/root/.local/share/caddy"}
2024/01/25 01:49:59.390 DEBUG   tls.cache       added certificate to cache      {"subjects": ["zsacademy.cz"], "expiration": "2024/04/22 17:02:12.000", "managed": true, "issuer_key": "acme-v02.api.letsencrypt.org-directory", "hash": "7ad764225fa33dae96789a6b8e0082efe3c3075dff446eadf114148b343636c6", "cache_size": 4, "cache_capacity": 10000}
2024/01/25 01:49:59.390 DEBUG   events  event   {"name": "cached_managed_cert", "id": "a5a93824-c249-4d4e-8ff9-45d6052a949c", "origin": "tls", "data": {"sans":["zsacademy.cz"]}}
2024/01/25 01:49:59.390 WARN    tls     storage cleaning happened too recently; skipping for now        {"storage": "FileStorage:/root/.local/share/caddy", "instance": "aed74de2-ad02-40c2-9e77-ef639b6ca1b8", "try_again": "2024/01/26 01:49:59.390", "try_again_in": 86399.999999549}
2024/01/25 01:49:59.390 INFO    tls     finished cleaning storage units
2024/01/25 01:49:59.390 DEBUG   tls     loading managed certificate     {"domain": "zsdoma.cz", "expiration": "2024/04/22 15:49:30.000", "issuer_key": "acme-v02.api.letsencrypt.org-directory", "storage": "FileStorage:/root/.local/share/caddy"}
2024/01/25 01:49:59.391 DEBUG   tls.cache       added certificate to cache      {"subjects": ["zsdoma.cz"], "expiration": "2024/04/22 15:49:30.000", "managed": true, "issuer_key": "acme-v02.api.letsencrypt.org-directory", "hash": "f642d5653483254d51f929dc7a5989db24845f0816e50f3948a06389848b04dc", "cache_size": 5, "cache_capacity": 10000}
2024/01/25 01:49:59.391 DEBUG   events  event   {"name": "cached_managed_cert", "id": "f4c1ca85-92a9-4091-b21e-fafd5a3af2bb", "origin": "tls", "data": {"sans":["zsdoma.cz"]}}
2024/01/25 01:49:59.394 DEBUG   tls     loading managed certificate     {"domain": "zsprodeti.cz", "expiration": "2024/04/11 19:06:04.000", "issuer_key": "acme-v02.api.letsencrypt.org-directory", "storage": "FileStorage:/root/.local/share/caddy"}
2024/01/25 01:49:59.394 DEBUG   tls.cache       added certificate to cache      {"subjects": ["zsprodeti.cz"], "expiration": "2024/04/11 19:06:04.000", "managed": true, "issuer_key": "acme-v02.api.letsencrypt.org-directory", "hash": "fe4fabd31b269371a56121be5cda8ce326b345cc434daaf3c115c47937f793ee", "cache_size": 6, "cache_capacity": 10000}
2024/01/25 01:49:59.394 DEBUG   events  event   {"name": "cached_managed_cert", "id": "addab2bf-451d-40b6-899f-606902e8fe89", "origin": "tls", "data": {"sans":["zsprodeti.cz"]}}
2024/01/25 01:49:59.395 DEBUG   tls     loading managed certificate     {"domain": "zsplavani.cz", "expiration": "2024/04/22 17:33:19.000", "issuer_key": "acme-v02.api.letsencrypt.org-directory", "storage": "FileStorage:/root/.local/share/caddy"}
2024/01/25 01:49:59.395 INFO    tls.obtain      acquiring lock  {"identifier": "www.zsplavani.cz"}
2024/01/25 01:49:59.395 INFO    tls.obtain      lock acquired   {"identifier": "www.zsdoma.cz"}
2024/01/25 01:49:59.396 INFO    tls.obtain      obtaining certificate   {"identifier": "www.zsdoma.cz"}
2024/01/25 01:49:59.396 DEBUG   events  event   {"name": "cert_obtaining", "id": "f7b439d5-0726-43b7-acd8-35dd0cfa85cb", "origin": "tls", "data": {"identifier":"www.zsdoma.cz"}}
2024/01/25 01:49:59.396 DEBUG   tls.obtain      trying issuer 1/2       {"issuer": "acme-v02.api.letsencrypt.org-directory"}
2024/01/25 01:49:59.396 DEBUG   tls.cache       added certificate to cache      {"subjects": ["zsplavani.cz"], "expiration": "2024/04/22 17:33:19.000", "managed": true, "issuer_key": "acme-v02.api.letsencrypt.org-directory", "hash": "a5f49564520b6d9b65dcfd8d41c9b720e8cb804bf8756b9d32dd0bdf9f17a8f6", "cache_size": 7, "cache_capacity": 10000}
2024/01/25 01:49:59.400 INFO    tls.issuance.acme       waiting on internal rate limiter        {"identifiers": ["www.zsdoma.cz"], "ca": "https://acme-v02.api.letsencrypt.org/directory", "account": "flashtonesclothing@gmail.com"}
2024/01/25 01:49:59.400 INFO    tls.issuance.acme       done waiting on internal rate limiter   {"identifiers": ["www.zsdoma.cz"], "ca": "https://acme-v02.api.letsencrypt.org/directory", "account": "flashtonesclothing@gmail.com"}
2024/01/25 01:49:59.401 DEBUG   tls     loading managed certificate     {"domain": "zsenviro.cz", "expiration": "2024/04/22 17:02:12.000", "issuer_key": "acme-v02.api.letsencrypt.org-directory", "storage": "FileStorage:/root/.local/share/caddy"}
2024/01/25 01:49:59.402 INFO    tls.obtain      lock acquired   {"identifier": "www.zsplavani.cz"}
2024/01/25 01:49:59.402 DEBUG   tls.cache       added certificate to cache      {"subjects": ["zsenviro.cz"], "expiration": "2024/04/22 17:02:12.000", "managed": true, "issuer_key": "acme-v02.api.letsencrypt.org-directory", "hash": "df5ad846ffa359ce0e63d33d43b395ef7541f127f956b5df9325b8b5c2a21c6d", "cache_size": 9, "cache_capacity": 10000}
2024/01/25 01:49:59.402 DEBUG   events  event   {"name": "cached_managed_cert", "id": "2ea3fbbf-1d70-4d60-ad38-f98f4dfd23bf", "origin": "tls", "data": {"sans":["zsenviro.cz"]}}
2024/01/25 01:49:59.402 INFO    tls.obtain      obtaining certificate   {"identifier": "www.zsplavani.cz"}
2024/01/25 01:49:59.402 DEBUG   events  event   {"name": "cert_obtaining", "id": "93ff8118-d01d-4529-949c-8df2021122e2", "origin": "tls", "data": {"identifier":"www.zsplavani.cz"}}
2024/01/25 01:49:59.403 INFO    autosaved config (load with --resume flag)      {"file": "/root/.config/caddy/autosave.json"}
2024/01/25 01:49:59.403 INFO    serving initial configuration
2024/01/25 01:49:59.403 DEBUG   tls.obtain      trying issuer 1/2       {"issuer": "acme-v02.api.letsencrypt.org-directory"}
2024/01/25 01:49:59.403 INFO    tls.issuance.acme       waiting on internal rate limiter        {"identifiers": ["www.zsplavani.cz"], "ca": "https://acme-v02.api.letsencrypt.org/directory", "account": "flashtonesclothing@gmail.com"}
2024/01/25 01:49:59.404 INFO    tls.issuance.acme       done waiting on internal rate limiter   {"identifiers": ["www.zsplavani.cz"], "ca": "https://acme-v02.api.letsencrypt.org/directory", "account": "flashtonesclothing@gmail.com"}
Successfully started Caddy (pid=4408) - Caddy is running in the background

Caddy-debug without the www in Caddyfile:

##### CADDY #####
2024/01/25 01:43:46.414 INFO    using adjacent Caddyfile
2024/01/25 01:43:46.423 INFO    admin   admin endpoint started  {"address": "localhost:2019", "enforce_origin": false, "origins": ["//localhost:2019", "//[::1]:2019", "//127.0.0.1:2019"]}
2024/01/25 01:43:46.424 INFO    http.auto_https server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS  {"server_name": "srv0", "https_port": 443}
2024/01/25 01:43:46.424 INFO    http.auto_https enabling automatic HTTP->HTTPS redirects        {"server_name": "srv0"}
2024/01/25 01:43:46.424 DEBUG   http.auto_https adjusted config {"tls": {"automation":{"policies":[{"subjects":["www.zsprodeti.cz","zsprodeti.cz","flashtones.cz","zslyzovani.cz","zsacademy.cz","zsplavani.cz","zsenviro.cz","zsvylety.cz","zsdoma.cz"]},{}]}}, "http": {"servers":{"remaining_auto_https_redirects":{"listen":[":80"],"routes":[{},{}]},"srv0":{"listen":[":443"],"routes":[{"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"reverse_proxy","upstreams":[{"dial":"[::1]:4000"}]}]}]}],"terminal":true},{"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"reverse_proxy","upstreams":[{"dial":"[::1]:4001"}]}]}]}],"terminal":true},{"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"static_response","headers":{"Location":["https://zsprodeti.cz/zs/lyzovani"]},"status_code":301}]}]}],"terminal":true},{"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"static_response","headers":{"Location":["https://zsprodeti.cz/zs/academy"]},"status_code":301}]}]}],"terminal":true},{"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"static_response","headers":{"Location":["https://zsprodeti.cz/zs/plavani"]},"status_code":301}]}]}],"terminal":true},{"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"static_response","headers":{"Location":["https://zsprodeti.cz/zs/enviro"]},"status_code":301}]}]}],"terminal":true},{"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"static_response","headers":{"Location":["https://zsprodeti.cz/zs/vylety"]},"status_code":301}]}]}],"terminal":true},{"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"static_response","headers":{"Location":["https://zsprodeti.cz/zs/doma"]},"status_code":301}]}]}],"terminal":true}],"tls_connection_policies":[{}],"automatic_https":{}}}}}
2024/01/25 01:43:46.426 INFO    tls.cache.maintenance   started background certificate maintenance      {"cache": "0xc000421f00"}
2024/01/25 01:43:46.430 INFO    http    enabling HTTP/3 listener        {"addr": ":443"}
2024/01/25 01:43:46.434 DEBUG   http    starting server loop    {"address": "[::]:443", "tls": true, "http3": true}
2024/01/25 01:43:46.436 INFO    http.log        server running  {"name": "srv0", "protocols": ["h1", "h2", "h3"]}
2024/01/25 01:43:46.436 DEBUG   http    starting server loop    {"address": "[::]:80", "tls": false, "http3": false}
2024/01/25 01:43:46.436 INFO    http.log        server running  {"name": "remaining_auto_https_redirects", "protocols": ["h1", "h2", "h3"]}
2024/01/25 01:43:46.436 INFO    http    enabling automatic TLS certificate management   {"domains": ["zsenviro.cz", "zsdoma.cz", "flashtones.cz", "zslyzovani.cz", "zsacademy.cz", "zsvylety.cz", "zsprodeti.cz", "www.zsprodeti.cz", "zsplavani.cz"]}
2024/01/25 01:43:46.450 WARN    tls     storage cleaning happened too recently; skipping for now        {"storage": "FileStorage:/root/.local/share/caddy", "instance": "aed74de2-ad02-40c2-9e77-ef639b6ca1b8", "try_again": "2024/01/26 01:43:46.450", "try_again_in": 86399.999999298}
2024/01/25 01:43:46.450 INFO    tls     finished cleaning storage units
2024/01/25 01:43:46.454 DEBUG   tls     loading managed certificate     {"domain": "zsenviro.cz", "expiration": "2024/04/22 17:02:12.000", "issuer_key": "acme-v02.api.letsencrypt.org-directory", "storage": "FileStorage:/root/.local/share/caddy"}
2024/01/25 01:43:46.460 DEBUG   tls.cache       added certificate to cache      {"subjects": ["zsenviro.cz"], "expiration": "2024/04/22 17:02:12.000", "managed": true, "issuer_key": "acme-v02.api.letsencrypt.org-directory", "hash": "df5ad846ffa359ce0e63d33d43b395ef7541f127f956b5df9325b8b5c2a21c6d", "cache_size": 1, "cache_capacity": 10000}
2024/01/25 01:43:46.460 DEBUG   events  event   {"name": "cached_managed_cert", "id": "19beafe0-ef94-4021-9958-aba1b2251baf", "origin": "tls", "data": {"sans":["zsenviro.cz"]}}
2024/01/25 01:43:46.464 DEBUG   tls     loading managed certificate     {"domain": "zsdoma.cz", "expiration": "2024/04/22 15:49:30.000", "issuer_key": "acme-v02.api.letsencrypt.org-directory", "storage": "FileStorage:/root/.local/share/caddy"}
2024/01/25 01:43:46.465 DEBUG   tls.cache       added certificate to cache      {"subjects": ["zsdoma.cz"], "expiration": "2024/04/22 15:49:30.000", "managed": true, "issuer_key": "acme-v02.api.letsencrypt.org-directory", "hash": "f642d5653483254d51f929dc7a5989db24845f0816e50f3948a06389848b04dc", "cache_size": 2, "cache_capacity": 10000}
2024/01/25 01:43:46.465 DEBUG   events  event   {"name": "cached_managed_cert", "id": "1cd1818b-1832-4cd2-b130-2e39ed60a4e8", "origin": "tls", "data": {"sans":["zsdoma.cz"]}}
2024/01/25 01:43:46.468 DEBUG   tls     loading managed certificate     {"domain": "flashtones.cz", "expiration": "2024/04/18 13:52:50.000", "issuer_key": "acme-v02.api.letsencrypt.org-directory", "storage": "FileStorage:/root/.local/share/caddy"}
2024/01/25 01:43:46.469 DEBUG   tls.cache       added certificate to cache      {"subjects": ["flashtones.cz"], "expiration": "2024/04/18 13:52:50.000", "managed": true, "issuer_key": "acme-v02.api.letsencrypt.org-directory", "hash": "2103aa8280263f914afaee7396199b7f24f6dfdf38d30c8cc4653b34eb0a791e", "cache_size": 3, "cache_capacity": 10000}
2024/01/25 01:43:46.469 DEBUG   events  event   {"name": "cached_managed_cert", "id": "01d9219b-424c-4622-8ccc-63102e05a229", "origin": "tls", "data": {"sans":["flashtones.cz"]}}
2024/01/25 01:43:46.472 DEBUG   tls     loading managed certificate     {"domain": "zslyzovani.cz", "expiration": "2024/04/22 15:49:30.000", "issuer_key": "acme-v02.api.letsencrypt.org-directory", "storage": "FileStorage:/root/.local/share/caddy"}
2024/01/25 01:43:46.472 DEBUG   tls.cache       added certificate to cache      {"subjects": ["zslyzovani.cz"], "expiration": "2024/04/22 15:49:30.000", "managed": true, "issuer_key": "acme-v02.api.letsencrypt.org-directory", "hash": "5d2b7f3a99ffcfe7eb83e37a49596c46564549199617e4d3f53d585c11a7950b", "cache_size": 4, "cache_capacity": 10000}
2024/01/25 01:43:46.472 DEBUG   events  event   {"name": "cached_managed_cert", "id": "3302466a-2561-45cd-a0e8-194b4ff17911", "origin": "tls", "data": {"sans":["zslyzovani.cz"]}}
2024/01/25 01:43:46.476 DEBUG   tls     loading managed certificate     {"domain": "zsacademy.cz", "expiration": "2024/04/22 17:02:12.000", "issuer_key": "acme-v02.api.letsencrypt.org-directory", "storage": "FileStorage:/root/.local/share/caddy"}
2024/01/25 01:43:46.477 DEBUG   tls.cache       added certificate to cache      {"subjects": ["zsacademy.cz"], "expiration": "2024/04/22 17:02:12.000", "managed": true, "issuer_key": "acme-v02.api.letsencrypt.org-directory", "hash": "7ad764225fa33dae96789a6b8e0082efe3c3075dff446eadf114148b343636c6", "cache_size": 5, "cache_capacity": 10000}
2024/01/25 01:43:46.477 DEBUG   events  event   {"name": "cached_managed_cert", "id": "5ed1eb40-1c09-4f31-b185-09e14dd953a3", "origin": "tls", "data": {"sans":["zsacademy.cz"]}}
2024/01/25 01:43:46.481 DEBUG   tls     loading managed certificate     {"domain": "zsvylety.cz", "expiration": "2024/04/22 17:33:19.000", "issuer_key": "acme-v02.api.letsencrypt.org-directory", "storage": "FileStorage:/root/.local/share/caddy"}
2024/01/25 01:43:46.482 DEBUG   tls.cache       added certificate to cache      {"subjects": ["zsvylety.cz"], "expiration": "2024/04/22 17:33:19.000", "managed": true, "issuer_key": "acme-v02.api.letsencrypt.org-directory", "hash": "634d6a5ad2cc04f4da5f592280f3c08e291ab14c5838887ead9418085fb17fd3", "cache_size": 6, "cache_capacity": 10000}
2024/01/25 01:43:46.482 DEBUG   events  event   {"name": "cached_managed_cert", "id": "244d70e6-ac2c-427e-a29f-c0de5ec0bc3b", "origin": "tls", "data": {"sans":["zsvylety.cz"]}}
2024/01/25 01:43:46.484 DEBUG   tls     loading managed certificate     {"domain": "zsprodeti.cz", "expiration": "2024/04/11 19:06:04.000", "issuer_key": "acme-v02.api.letsencrypt.org-directory", "storage": "FileStorage:/root/.local/share/caddy"}
2024/01/25 01:43:46.485 DEBUG   tls.cache       added certificate to cache      {"subjects": ["zsprodeti.cz"], "expiration": "2024/04/11 19:06:04.000", "managed": true, "issuer_key": "acme-v02.api.letsencrypt.org-directory", "hash": "fe4fabd31b269371a56121be5cda8ce326b345cc434daaf3c115c47937f793ee", "cache_size": 7, "cache_capacity": 10000}
2024/01/25 01:43:46.485 DEBUG   events  event   {"name": "cached_managed_cert", "id": "78f06ea9-003d-437e-8109-05a2c0bd8064", "origin": "tls", "data": {"sans":["zsprodeti.cz"]}}
2024/01/25 01:43:46.488 DEBUG   tls     loading managed certificate     {"domain": "www.zsprodeti.cz", "expiration": "2024/04/11 22:45:59.000", "issuer_key": "acme-v02.api.letsencrypt.org-directory", "storage": "FileStorage:/root/.local/share/caddy"}
2024/01/25 01:43:46.489 DEBUG   tls.cache       added certificate to cache      {"subjects": ["www.zsprodeti.cz"], "expiration": "2024/04/11 22:45:59.000", "managed": true, "issuer_key": "acme-v02.api.letsencrypt.org-directory", "hash": "ae1029c5ff41c459381095f07c868205b1d2096ab2c86fcff4747188c75f7157", "cache_size": 8, "cache_capacity": 10000}
2024/01/25 01:43:46.489 DEBUG   events  event   {"name": "cached_managed_cert", "id": "d58a712d-9ca2-404e-93a0-c0adea589349", "origin": "tls", "data": {"sans":["www.zsprodeti.cz"]}}
2024/01/25 01:43:46.492 DEBUG   tls     loading managed certificate     {"domain": "zsplavani.cz", "expiration": "2024/04/22 17:33:19.000", "issuer_key": "acme-v02.api.letsencrypt.org-directory", "storage": "FileStorage:/root/.local/share/caddy"}
2024/01/25 01:43:46.492 DEBUG   tls.cache       added certificate to cache      {"subjects": ["zsplavani.cz"], "expiration": "2024/04/22 17:33:19.000", "managed": true, "issuer_key": "acme-v02.api.letsencrypt.org-directory", "hash": "a5f49564520b6d9b65dcfd8d41c9b720e8cb804bf8756b9d32dd0bdf9f17a8f6", "cache_size": 9, "cache_capacity": 10000}
2024/01/25 01:43:46.492 DEBUG   events  event   {"name": "cached_managed_cert", "id": "bd5ef246-0fe6-4e71-8bb4-7a3301382ec8", "origin": "tls", "data": {"sans":["zsplavani.cz"]}}
2024/01/25 01:43:46.495 INFO    autosaved config (load with --resume flag)      {"file": "/root/.config/caddy/autosave.json"}
2024/01/25 01:43:46.495 INFO    serving initial configuration
Successfully started Caddy (pid=3900) - Caddy is running in the background

firewall settings on http:

iptables --list|grep "spt:\|dpt:\|dports\|sports"|grep http
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:http
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:https
ACCEPT     tcp  --  anywhere             anywhere             tcp spt:http
ACCEPT     tcp  --  anywhere             anywhere             tcp spt:https

3. Caddy version:

b359ca565c624b8718eac79058bff0591b250d0e (10 Jan 24 18:04 UTC)

4. How I installed and ran Caddy:

a. System environment:

Ubuntu 22.04.3 LTS, VPS

b. Command:

deployment script:

echo "##### INITIALIZING NODE 1 #####"

. ./node1.sh

echo "##### INITIALIZING NODE 2 #####"

. ./node2.sh

echo "##### CADDY #####"

cd /etc/caddy/

caddy start

cd ~/dev/Flashtones.cz/

d. My complete Caddy config:

caddy fmt:

{
        email flashtonesclothing@gmail.com
        debug
}
flashtones.cz {
        reverse_proxy http://::1:4001
}
zsprodeti.cz, www.zsprodeti.cz {
        reverse_proxy http://::1:4000
}
zsdoma.cz {
        redir https://zsprodeti.cz/zs/doma 301
}
www.zsdoma.cz {
        redir https://zsdoma.cz{uri}
}
zslyzovani.cz {
        redir https://zsprodeti.cz/zs/lyzovani 301
}
zsacademy.cz {
        redir https://zsprodeti.cz/zs/academy 301
}
zsenviro.cz {
        redir https://zsprodeti.cz/zs/enviro 301
}
zsvylety.cz {
        redir https://zsprodeti.cz/zs/vylety 301
}
zsplavani.cz {
        redir https://zsprodeti.cz/zs/plavani 301
}
www.zsplavani.cz {
        redir https://zsplavani.cz{uri}
}

5. Links to relevant resources:

I tried to fix my issude through these discussions and documentation:

I would be grateful for any help or pointers, I’m stuck on this problem for a couple of days now and my boss is fuming over my shoulder.

francislavoie · January 25, 2024, 5:39am

Running curl -v http://www.zsplavani.cz shows that it hits an Apache server, not Caddy.

I think your DNS is not correct, your www subdomain is not pointing to your Caddy server.

Remember that in DNS, subdomains (like www.) have separate A records from your apex domain.

Jorik_Chase · January 25, 2024, 2:42pm

This works!!
Thank You so much! The Apache admin changed the A records back to the old ip when looking through the new administration settings for some reason.
You’ve saved my neck.

system · February 24, 2024, 2:42pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.