Unable to run Caddy on 443 port

1. Caddy version (caddy version):

v2.4.5

2. How I run Caddy:

a. System environment:

Ubuntu, 20.4, No

b. Command:

sudo systemctl enable caddy-api
curl localhost:2019/load \
	-X POST \
	-H "Content-Type: application/json" \
	-d @caddy.json

curl localhost:2019/config/

c. Service/unit/compose file:

No

d. My complete Caddyfile or JSON config:

{
  "admin": {
    "disabled": false
  },
  "apps": {
    "http": {
      "servers": {
        "srv0": {
          "listen": [
            ":443"
          ],
          "routes": [
            {
              "handle": [
                {
                  "handler": "headers",
                  "response": {
                    "set": {
                      "Referrer-Policy": [
                        "same-origin"
                      ],
                      "X-Content-Type-Options": [
                        "nosniff"
                      ],
                      "X-Frame-Options": [
                        "DENY"
                      ],
                      "X-Xss-Protection": [
                        "1; mode=block"
                      ]
                    }
                  }
                },
                {
                  "handler": "subroute",
                  "routes": [
                    {
                      "handle": [
                        {
                          "handler": "vars",
                          "root": "/var/www/html/example/"
                        }
                      ]
                    },
                    {
                      "handle": [
                        {
                          "handler": "rewrite",
                          "uri": "{http.matchers.file.relative}"
                        }
                      ],
                      "match": [
                        {
                          "file": {
                            "try_files": [
                              "{http.request.uri.path}",
                              "{http.request.uri.path}/",
                              "/index.html"
                            ]
                          }
                        }
                      ]
                    },
                    {
                      "handle": [
                        {
                          "encodings": {
                            "gzip": {},
                            "zstd": {}
                          },
                          "handler": "encode"
                        },
                        {
                          "handler": "file_server",
                          "hide": [
                            "Caddyfile"
                          ]
                        }
                      ]
                    }
                  ]
                }
              ]
            }
          ]
        }
      }
    },
    "tls": {
      "automation": {
        "on_demand": {
          "ask": "example.com"
        },
        "policies": [
          {
            "on_demand": true
          }
        ]
      }
    }
  }
}

3. The problem I’m having:

*   Trying 127.0.0.1:443...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS alert, internal error (592):
* error:14094438:SSL routines:ssl3_read_bytes:tlsv1 alert internal error
* Closing connection 0
curl: (35) error:14094438:SSL routines:ssl3_read_bytes:tlsv1 alert internal error

4. Error messages and/or full log output:

5. What I already tried:

Changed port to 80 and it works fine with 80, but not with 443

6. Links to relevant resources:

What’s in Caddy’s logs? See how to check your logs on this page in the docs:

Any particular reason you’re using JSON rather than a Caddyfile? I’m not seeing anything in your config that would necessitate using JSON.

Here are the logs:

-- Logs begin at Thu 2021-09-30 08:21:20 UTC, end at Fri 2021-10-01 07:00:42 UTC. --
Sep 30 08:22:42 ip-172-31-27-221 systemd[1]: Starting Caddy...
Sep 30 08:22:42 ip-172-31-27-221 caddy[1916]: caddy.HomeDir=/var/lib/caddy
Sep 30 08:22:42 ip-172-31-27-221 caddy[1916]: caddy.AppDataDir=/var/lib/caddy/.local/share/caddy
Sep 30 08:22:42 ip-172-31-27-221 caddy[1916]: caddy.AppConfigDir=/var/lib/caddy/.config/caddy
Sep 30 08:22:42 ip-172-31-27-221 caddy[1916]: caddy.ConfigAutosavePath=/var/lib/caddy/.config/caddy/autosave.json
Sep 30 08:22:42 ip-172-31-27-221 caddy[1916]: caddy.Version=v2.4.5 h1:P1mRs6V2cMcagSPn+NWpD+OEYUYLIf6ecOa48cFGeUg=
Sep 30 08:22:42 ip-172-31-27-221 caddy[1916]: runtime.GOOS=linux
Sep 30 08:22:42 ip-172-31-27-221 caddy[1916]: runtime.GOARCH=amd64
Sep 30 08:22:42 ip-172-31-27-221 caddy[1916]: runtime.Compiler=gc
Sep 30 08:22:42 ip-172-31-27-221 caddy[1916]: runtime.NumCPU=1
Sep 30 08:22:42 ip-172-31-27-221 caddy[1916]: runtime.GOMAXPROCS=1
Sep 30 08:22:42 ip-172-31-27-221 caddy[1916]: runtime.Version=go1.17
Sep 30 08:22:42 ip-172-31-27-221 caddy[1916]: os.Getwd=/
Sep 30 08:22:42 ip-172-31-27-221 caddy[1916]: LANG=C.UTF-8
Sep 30 08:22:42 ip-172-31-27-221 caddy[1916]: PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin
Sep 30 08:22:42 ip-172-31-27-221 caddy[1916]: NOTIFY_SOCKET=/run/systemd/notify
Sep 30 08:22:42 ip-172-31-27-221 caddy[1916]: HOME=/var/lib/caddy
Sep 30 08:22:42 ip-172-31-27-221 caddy[1916]: LOGNAME=caddy
Sep 30 08:22:42 ip-172-31-27-221 caddy[1916]: USER=caddy
Sep 30 08:22:42 ip-172-31-27-221 caddy[1916]: INVOCATION_ID=963e548a19cb4eaf9aab2c2e2e121996
Sep 30 08:22:42 ip-172-31-27-221 caddy[1916]: JOURNAL_STREAM=9:30257
Sep 30 08:22:42 ip-172-31-27-221 caddy[1916]: {"level":"info","ts":1632990162.9422908,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":""}
Sep 30 08:22:42 ip-172-31-27-221 caddy[1916]: {"level":"info","ts":1632990162.9457846,"logger":"admin","msg":"admin endpoint started","address":"tcp/localhost:2019","enforce_origin":false,"origins":["127.0.0.1:2019","localhost:2019","[::1]:2019"]}
Sep 30 08:22:42 ip-172-31-27-221 caddy[1916]: {"level":"info","ts":1632990162.9464839,"logger":"http","msg":"server is listening only on the HTTP port, so no automatic HTTPS will be applied to this server","server_name":"srv0","http_port":80}
Sep 30 08:22:42 ip-172-31-27-221 caddy[1916]: {"level":"info","ts":1632990162.947811,"msg":"autosaved config (load with --resume flag)","file":"/var/lib/caddy/.config/caddy/autosave.json"}
Sep 30 08:22:42 ip-172-31-27-221 systemd[1]: Started Caddy.
Sep 30 08:22:42 ip-172-31-27-221 caddy[1916]: {"level":"info","ts":1632990162.9565048,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0xc0001d31f0"}
Sep 30 08:22:42 ip-172-31-27-221 caddy[1916]: {"level":"info","ts":1632990162.9608462,"logger":"tls","msg":"cleaning storage unit","description":"FileStorage:/var/lib/caddy/.local/share/caddy"}
Sep 30 08:22:42 ip-172-31-27-221 caddy[1916]: {"level":"info","ts":1632990162.9610689,"logger":"tls","msg":"finished cleaning storage units"}
Sep 30 08:22:42 ip-172-31-27-221 caddy[1916]: {"level":"info","ts":1632990162.9614127,"msg":"serving initial configuration"}
Sep 30 08:22:48 ip-172-31-27-221 systemd[1]: Stopping Caddy...
Sep 30 08:22:48 ip-172-31-27-221 caddy[1916]: {"level":"info","ts":1632990168.2274158,"msg":"shutting down apps, then terminating","signal":"SIGTERM"}
Sep 30 08:22:48 ip-172-31-27-221 caddy[1916]: {"level":"warn","ts":1632990168.2274406,"msg":"exiting; byeee!! :wave:","signal":"SIGTERM"}
Sep 30 08:22:48 ip-172-31-27-221 caddy[1916]: {"level":"info","ts":1632990168.228617,"logger":"tls.cache.maintenance","msg":"stopped background certificate maintenance","cache":"0xc0001d31f0"}
Sep 30 08:22:48 ip-172-31-27-221 caddy[1916]: {"level":"info","ts":1632990168.2298195,"logger":"admin","msg":"stopped previous server","address":"tcp/localhost:2019"}
Sep 30 08:22:48 ip-172-31-27-221 caddy[1916]: {"level":"info","ts":1632990168.2298527,"msg":"shutdown complete","signal":"SIGTERM","exit_code":0}
Sep 30 08:22:48 ip-172-31-27-221 systemd[1]: caddy.service: Succeeded.
Sep 30 08:22:48 ip-172-31-27-221 systemd[1]: Stopped Caddy.

That’s just the startup and shutdown logs. There’s not really any salient information in there. Did you try making a request before shutting it down?

Also what about my other question?

We are using JSON because it supports configuration update using API and we wanted to give support to manage the configuration from remote server.

How do I see the proper logs?

As I explained earlier, the command for seeing Caddy’s logs is on this page in the docs:

You can add this to your config to enable DEBUG level logging to see more detail (add logging at the top-level of your JSON):

{
  "logging": {
    "logs": {
      "default": {
        "level": "DEBUG"
      }
    }
  }
}

I tried this but it’s not working…

I can’t help you if you don’t provide more information.

I made requests many times today but it is showing me only these logs:

-- Logs begin at Tue 2021-09-28 10:35:34 UTC, end at Mon 2021-10-04 08:46:07 UTC. --
Sep 28 10:37:05 ip-172-31-1-206 systemd[1]: Starting Caddy...
Sep 28 10:37:06 ip-172-31-1-206 caddy[1898]: caddy.HomeDir=/var/lib/caddy
Sep 28 10:37:06 ip-172-31-1-206 caddy[1898]: caddy.AppDataDir=/var/lib/caddy/.local/share/caddy
Sep 28 10:37:06 ip-172-31-1-206 caddy[1898]: caddy.AppConfigDir=/var/lib/caddy/.config/caddy
Sep 28 10:37:06 ip-172-31-1-206 caddy[1898]: caddy.ConfigAutosavePath=/var/lib/caddy/.config/caddy/autosave.json
Sep 28 10:37:06 ip-172-31-1-206 caddy[1898]: caddy.Version=v2.4.5 h1:P1mRs6V2cMcagSPn+NWpD+OEYUYLIf6ecOa48cFGeUg=
Sep 28 10:37:06 ip-172-31-1-206 caddy[1898]: runtime.GOOS=linux
Sep 28 10:37:06 ip-172-31-1-206 caddy[1898]: runtime.GOARCH=amd64
Sep 28 10:37:06 ip-172-31-1-206 caddy[1898]: runtime.Compiler=gc
Sep 28 10:37:06 ip-172-31-1-206 caddy[1898]: runtime.NumCPU=1
Sep 28 10:37:06 ip-172-31-1-206 caddy[1898]: runtime.GOMAXPROCS=1
Sep 28 10:37:06 ip-172-31-1-206 caddy[1898]: runtime.Version=go1.17
Sep 28 10:37:06 ip-172-31-1-206 caddy[1898]: os.Getwd=/
Sep 28 10:37:06 ip-172-31-1-206 caddy[1898]: LANG=C.UTF-8
Sep 28 10:37:06 ip-172-31-1-206 caddy[1898]: PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin
Sep 28 10:37:06 ip-172-31-1-206 caddy[1898]: NOTIFY_SOCKET=/run/systemd/notify
Sep 28 10:37:06 ip-172-31-1-206 caddy[1898]: HOME=/var/lib/caddy
Sep 28 10:37:06 ip-172-31-1-206 caddy[1898]: LOGNAME=caddy
Sep 28 10:37:06 ip-172-31-1-206 caddy[1898]: USER=caddy
Sep 28 10:37:06 ip-172-31-1-206 caddy[1898]: INVOCATION_ID=4938d38d77874939a6c503f04d37b9f3
Sep 28 10:37:06 ip-172-31-1-206 caddy[1898]: JOURNAL_STREAM=9:30136
Sep 28 10:37:06 ip-172-31-1-206 caddy[1898]: {"level":"info","ts":1632825426.0508318,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":""}
Sep 28 10:37:06 ip-172-31-1-206 caddy[1898]: {"level":"info","ts":1632825426.0556262,"logger":"admin","msg":"admin endpoint started","address":"tcp/localhost:2019","enforce_origin":false,"origins":["[::1]:2019","127.0.0.1:2019","localhost:2019"]}
Sep 28 10:37:06 ip-172-31-1-206 caddy[1898]: {"level":"info","ts":1632825426.0559897,"logger":"http","msg":"server is listening only on the HTTP port, so no automatic HTTPS will be applied to this server","server_name":"srv0","http_port":80}
Sep 28 10:37:06 ip-172-31-1-206 caddy[1898]: {"level":"info","ts":1632825426.0571492,"msg":"autosaved config (load with --resume flag)","file":"/var/lib/caddy/.config/caddy/autosave.json"}
Sep 28 10:37:06 ip-172-31-1-206 systemd[1]: Started Caddy.
Sep 28 10:37:06 ip-172-31-1-206 caddy[1898]: {"level":"info","ts":1632825426.0614328,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0xc0000dafc0"}
Sep 28 10:37:06 ip-172-31-1-206 caddy[1898]: {"level":"info","ts":1632825426.067254,"logger":"tls","msg":"cleaning storage unit","description":"FileStorage:/var/lib/caddy/.local/share/caddy"}
Sep 28 10:37:06 ip-172-31-1-206 caddy[1898]: {"level":"info","ts":1632825426.067459,"logger":"tls","msg":"finished cleaning storage units"}
Sep 28 10:37:06 ip-172-31-1-206 caddy[1898]: {"level":"info","ts":1632825426.0682254,"msg":"serving initial configuration"}
Sep 28 10:37:11 ip-172-31-1-206 systemd[1]: Stopping Caddy...
Sep 28 10:37:11 ip-172-31-1-206 caddy[1898]: {"level":"info","ts":1632825431.4717329,"msg":"shutting down apps, then terminating","signal":"SIGTERM"}
Sep 28 10:37:11 ip-172-31-1-206 caddy[1898]: {"level":"warn","ts":1632825431.4717586,"msg":"exiting; byeee!! :wave:","signal":"SIGTERM"}
Sep 28 10:37:11 ip-172-31-1-206 caddy[1898]: {"level":"info","ts":1632825431.472997,"logger":"tls.cache.maintenance","msg":"stopped background certificate maintenance","cache":"0xc0000dafc0"}
Sep 28 10:37:11 ip-172-31-1-206 caddy[1898]: {"level":"info","ts":1632825431.474213,"logger":"admin","msg":"stopped previous server","address":"tcp/localhost:2019"}
Sep 28 10:37:11 ip-172-31-1-206 caddy[1898]: {"level":"info","ts":1632825431.4742293,"msg":"shutdown complete","signal":"SIGTERM","exit_code":0}
Sep 28 10:37:11 ip-172-31-1-206 systemd[1]: caddy.service: Succeeded.
Sep 28 10:37:11 ip-172-31-1-206 systemd[1]: Stopped Caddy.

Your logs show Caddy starts up, then 5 seconds later it shuts down.

Are you killing Caddy immediately after running it? Don’t do that!

Caddy is continuously running.
Will a Caddyfile work for the kind of configuration we had in our caddy.json?

Is there any way to share my screen with you?

The logs show Caddy stopping because it received SIGTERM. This means Caddy was stopped by pkill or killed some other way. Please describe in full detail how you installed Caddy, how you’re running Caddy, the JSON config it’s running, how the config was provided to Caddy, share the full config, how you are testing that Caddy is running, whether you are running Caddy and testing from a different computer, and how Caddy is stopping. Please include full details of any form.

Caddy Configuration done with these commands:-

sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo tee /etc/apt/trusted.gpg.d/caddy-stable.asc
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list
sudo apt update
sudo apt install caddy
sudo systemctl disable caddy
sudo systemctl enable caddy-api
sudo systemctl stop caddy
sudo systemctl start caddy-api

Caddy Configuration file is caddy.json:- Already provided
caddy.json is loading with this command:-
curl localhost:2019/load \
	-X POST \
	-H "Content-Type: application/json" \
	-d @caddy.json

Testing the Caddy whether running or not :-
sudo systemctl status caddy-api
and then trying to access the “https://<server’s ip>” on web browser.

Thank you. The JSON you provided doesn’t include enabling the debug level logging requested by @francislavoie. Also it isn’t clear why the earlier logs show Caddy being killed after 5 seconds.

I tried with logging, but it is showing the starting and stopped logs only.

Please include how you did that. There’s something missing and we need to trace the steps.

journalctl -u caddy --no-pager | less
With this I got logs

You’re using the caddy-api service, so the command for the systemd logs is:

journalctl -u caddy-api --no-pager | less

Moreover, you still have not enabled debug logs via the JSON config as Francis instructed.
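
A way to check which Caddy instance a journal excerpt came from, as an added example that is not part of the original thread: it groups Caddy's JSON entries from `journalctl` output by PID and reports the config file in use, whether the server was HTTP-only, whether any debug-level entry appeared, and the signal that ended the run. The sample lines are constructed in the shape of the excerpts above, and `summarize` is a hypothetical helper name.

```python
import json
import re

# Constructed sample in the shape of the journal excerpts in this thread.
SAMPLE = """\
Sep 30 08:22:42 host caddy[1916]: caddy.HomeDir=/var/lib/caddy
Sep 30 08:22:42 host caddy[1916]: {"level":"info","ts":1632990162.94,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":""}
Sep 30 08:22:42 host caddy[1916]: {"level":"info","ts":1632990162.95,"logger":"http","msg":"server is listening only on the HTTP port, so no automatic HTTPS will be applied to this server","server_name":"srv0","http_port":80}
Sep 30 08:22:48 host systemd[1]: Stopping Caddy...
Sep 30 08:22:48 host caddy[1916]: {"level":"info","ts":1632990168.23,"msg":"shutdown complete","signal":"SIGTERM","exit_code":0}
"""

# "<Mon> <day> <time> <host> caddy[<pid>]: {json}"
LINE = re.compile(r"^\w{3} +\d+ [\d:]+ \S+ caddy\[(\d+)\]: (\{.*\})\s*$")


def summarize(journal_text):
    """Summarize each Caddy run (keyed by PID) found in journalctl output."""
    runs = {}
    for line in journal_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # systemd lines and the key=value startup dump
        try:
            entry = json.loads(m.group(2))
        except json.JSONDecodeError:
            continue  # e.g. pasted logs whose quotes were turned into smart quotes
        if "ts" not in entry:
            continue
        run = runs.setdefault(m.group(1), {
            "config_file": None, "http_only": False, "signal": None,
            "debug_seen": False, "first_ts": entry["ts"], "last_ts": entry["ts"],
        })
        run["last_ts"] = entry["ts"]
        run["config_file"] = entry.get("config_file", run["config_file"])
        run["signal"] = entry.get("signal", run["signal"])
        run["debug_seen"] |= entry.get("level") == "debug"
        run["http_only"] |= "listening only on the HTTP port" in entry.get("msg", "")
    for run in runs.values():
        run["uptime_s"] = round(run.pop("last_ts") - run.pop("first_ts"), 1)
    return runs


if __name__ == "__main__":
    for pid, run in summarize(SAMPLE).items():
        print(pid, run)
```

A run that reports `/etc/caddy/Caddyfile` as its config file, is HTTP-only and ends with SIGTERM after a few seconds describes the `caddy` unit, not a `caddy-api` instance configured through `/load`.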