Hi,
I am trying to use Caddy as a forward proxy (using the forward proxy plugin). Things work fine when Caddy goes to internet directly. But when I use a upstream proxy (proxy chaining), accessing plain http websites result in a “502 Bad Gateway” error. Able to access secure/https websites without any issues.
Caddyfile contents below:
The docs mention that it only supports remote HTTPS targets for the upstream proxy feature.
upstream [https://username:password@upstreamproxy.site:443]
Sets upstream proxy to route all forwardproxy requests through it. This setting does not affect non-forwardproxy requests nor requests with wrong credentials. Upstream is incompatible with acl and ports subdirectives.
Supported schemes to remote host: https.
Supported schemes to localhost: socks5, http, https(certificate check is ignored). Default: no upstream proxy.
Hi @Whitestrake,
Thanks for your response. Yes, I am referring to the upstream property only.
The documentation says - “Supported schemes to remote host: https”
I took the remote host to mean the upstream remote proxy.
For instance, if I configure the upstream proxy URL as “http://myproxy.net” (which resolves to a remote IP address), Caddy throws an error as shown below:
“2019/07/12 17:31:55 insecure schemes are only allowed to localhost upstreams”
When I configure the upstream property to use a secure upstream proxy, I am able to access all https websites. But plain http sites aren’t accessible.
Does the “remote host” mean both the upstream proxy as well as the actual origin/webserver ?