Unable to reach admin endpoint when running in docker

1. Caddy version (caddy version):

Version v2.4.2 h1:chB106RlsIaY4mVEyq9OQM5g/9lHYVputo/LAX2ndFg=,

2. How I run Caddy:

executing the following windows batch file:


@echo off
SET CADDY_FILEPATH=c:\develop\test\caddy\
SET CADDY_DATA_FOLDER=c:\develop\test\caddy\data

REM try to stop if it is stuck running
docker stop %CONTAINER_NAME%

docker run  -d ^
            -p 80:80 ^
            -p 443:443 ^
            -p 2015:2015 ^
            -p 2016:2016 ^
            -p 2019:2019 ^
            -p 2020:2020 ^
            -p 5551:5551 ^
            -v %CADDY_FILEPATH%/Caddyfile:/etc/caddy/Caddyfile ^
            --rm ^
            --name %CONTAINER_NAME% ^

a. System environment:

docker image “caddy:2.4.2-alpine”. Hosted on a Windows 10 machine

b. Command:


C:\develop\test\caddy>curl localhost:80
Hello, world!
C:\develop\test\caddy>curl localhost:2016
Client sent an HTTP request to an HTTPS server.

C:\develop\test\caddy>curl localhost:2020/config/
curl: (52) Empty reply from server

C:\develop\test\caddy>curl https://localhost:2016
curl: (35) schannel: next InitializeSecurityContext failed: SEC_E_ILLEGAL_MESSAGE (0x80090326) - This error usually occurs when a fatal SSL/TLS alert is received (e.g. handshake failed). More detail may be available in the Windows System event log.

c. Service/unit/compose file:

Paste full file contents here.
Make sure backticks stay on their own lines,
and the post looks nice in the preview pane.

d. My complete Caddyfile config:

	admin localhost:2020
	auto_https off

localhost:80 {
	respond "Hello, world!"

localhost:2016 {
	respond "Goodbye, world!"

3. The problem I’m having:

  1. On port 2016 it demands https, although I did not configure that.
  2. Port 2020 only returns an empty response from outside of the container, though I specified it in the docker run command.

Basically I’m interested in hosting caddy in a docker container and being able to access everything I configure in the caddyfile from the outside. I tried different port numbers for the admin console but that did not change the behavior, I still get an empty response from the admin endpoint. Obviously also the auto_https option is ignored (2016 demands https).

4. Error messages and/or full log output:

5. What I already tried:

I extended the docker image with curl:

FROM caddy:2.4.2-alpine
# replace the repository entries from https to http
# see https://gitlab.alpinelinux.org/alpine/aports/-/issues/11768
RUN sed -i -e 's/https/http/' /etc/apk/repositories
RUN apk --no-cache add --update curl

and could verify that I can access the admin endpoint from within the container. Still not accessible from the outside.

I also tried the caddy:2.4.3-alpine image before and only switched back to 2.4.2 for a tryout.

6. Links to relevant resources:

localhost resolves to, meaning Caddy will only accept requests coming from, i.e. only requests coming from inside its own container. If you need to make it accessible from outside, you’ll need to switch it to admin :2020 to listen on all interfaces.

Caddy defaults to HTTPS by default. If you want to use HTTP, then specify http:// in front of the site address. The reason localhost:80 doesn’t default to HTTPS is because 80 is the HTTP port.

1 Like

Thanks Francis.
With your help I got it working now, using the following Caddyfile:

	admin :2020

localhost:80 {
	respond "Hello, world!"

http://localhost:2016 {
	respond "Goodbye, world!"

This topic was automatically closed after 30 days. New replies are no longer allowed.