V2: Automatic https certificate errors

Okay, so first of all, thank you balloon for your time and help!

So let me do this step by step:

I am starting a fresh instance of Caddy v2 beta 13 (the amd64 one attached to the beta 13 release).

I am using the following Caddyfile style configuration:

{
        "experimental_http3": true
}
167.86.123.102:80, [2a02:c207:3004:1207:be:a:bad:babe]:80 {
        redir https://hnrk.io{uri} 301
}
hnrk.io, www.hnrk.io {
        root * /etc/caddy/html
        tls /etc/caddy/hnrk.io.crt /etc/caddy/hnrk.io.key
        encode brotli zstd gzip
        php_fastcgi unix//run/php/php7.3-fpm.sock
        try_files {path} /index.php?{query}
        file_server /md* browse
        file_server
}
weather-frogs.de, www.weather-frogs.de {
        tls samplemail@hnrk.io
        root * /etc/caddy/html/weather-frogs.de
        encode brotli zstd gzip
        php_fastcgi unix//run/php/php7.3-fpm.sock
        try_files {path} /index.php?{query}
        file_server
}
die-reikiquellen.de, www.die-reikiquellen.de {
        tls samplemail@hnrk.io
        root * /etc/caddy/html/die-reikiquellen.de
        encode brotli zstd gzip
        php_fastcgi unix//run/php/php7.3-fpm.sock
        try_files {path} /index.php?{query}
        file_server
}
harmoniks.de, www.harmoniks.de {
        tls samplemail@hnrk.io
        root * /etc/caddy/html/harmoniks.de
        encode brotli zstd gzip
        php_fastcgi unix//run/php/php7.3-fpm.sock
        try_files {path} /index.php?{query}
        file_server
}
ip.hnrk.io {
        root * /etc/caddy/html/myip
        tls /etc/caddy/hnrk.io.crt /etc/caddy/hnrk.io.key
        encode brotli zstd gzip
        php_fastcgi unix//run/php/php7.3-fpm.sock
        try_files {path} /index.php?{query}
        file_server
}
sql.hnrk.io {
        root * /etc/caddy/html/pma
        tls /etc/caddy/hnrk.io.crt /etc/caddy/hnrk.io.key
        encode brotli zstd gzip
        php_fastcgi unix//run/php/php7.3-fpm.sock
        try_files {path} /index.php?{query}
        file_server
}
postfix.hnrk.io {
        root * /etc/caddy/html/pfa/public
        tls /etc/caddy/hnrk.io.crt /etc/caddy/hnrk.io.key
        encode brotli zstd gzip
        php_fastcgi unix//run/php/php7.3-fpm.sock
        try_files {path} /index.php?{query}
        file_server
}
draw.hnrk.io {
        root * /etc/caddy/html/draw
        tls /etc/caddy/hnrk.io.crt /etc/caddy/hnrk.io.key
        encode brotli zstd gzip
        php_fastcgi unix//run/php/php7.3-fpm.sock
        try_files {path} /index.php?{query}
        file_server
}
mail.hnrk.io {
        root * /etc/caddy/html/rl
        tls /etc/caddy/hnrk.io.crt /etc/caddy/hnrk.io.key
        encode brotli zstd gzip
        php_fastcgi unix//run/php/php7.3-fpm.sock
        try_files {path} /index.php?{query}
        file_server * {
                        hide /data
        }
}
fotos.hnrk.io {
        root * /etc/caddy/html/fotos
        tls /etc/caddy/hnrk.io.crt /etc/caddy/hnrk.io.key
        encode brotli zstd gzip
        php_fastcgi unix//run/php/php7.3-fpm.sock
        try_files {path} /index.php?{query}
        file_server
}
proxy.hnrk.io {
        root * /etc/caddy/html/proxy
        tls /etc/caddy/hnrk.io.crt /etc/caddy/hnrk.io.key
        encode brotli zstd gzip
        php_fastcgi unix//run/php/php7.3-fpm.sock
        try_files {path} /index.php?{query}
        file_server
}
skip.hnrk.io {
        root * /etc/caddy/html/skip
        tls /etc/caddy/hnrk.io.crt /etc/caddy/hnrk.io.key
        encode brotli zstd gzip
        php_fastcgi unix//run/php/php7.3-fpm.sock
        try_files {path} /index.php?{query}
        file_server
}
zeit.hnrk.io {
        root * /etc/caddy/html/time
        tls /etc/caddy/hnrk.io.crt /etc/caddy/hnrk.io.key
        encode brotli zstd gzip
        php_fastcgi unix//run/php/php7.3-fpm.sock
        try_files {path} /index.php?{query}
        file_server
}
frequencies.hnrk.io {
        root * /etc/caddy/html/niviuk.free.fr/niviuk.free.fr
        tls /etc/caddy/hnrk.io.crt /etc/caddy/hnrk.io.key
        encode brotli zstd gzip
        php_fastcgi unix//run/php/php7.3-fpm.sock
        try_files {path} /index.php?{query}
        file_server
}
dns.hnrk.io {
        root * /etc/caddy/html/null
        reverse_proxy * localhost:10001
        tls /etc/caddy/hnrk.io.crt /etc/caddy/hnrk.io.key
        encode brotli zstd gzip
        php_fastcgi unix//run/php/php7.3-fpm.sock
        try_files {path} /index.php?{query}
        file_server
}

Notice the three domains:

These should receive LE Certificates automatically from Caddy v2, because the other domains have Cert + Keyfile already given as path (/etc/caddy/hnrk.io.[crt|key])

Now when I try to navigate to these three domains via my browser, unfortunately I get this error message in Brave:
[image]

These are the logs that Caddy v2 spits out when navigating to one of them:

Jan 22 19:46:10 hnrk.io systemd[1]: Started Caddy v2.
Jan 22 19:46:10 hnrk.io caddy[11773]: 2020/01/22 18:46:10.638        INFO        using provided configuration        {"config_file": "/etc/v2caddy/Caddyfile", "config_adapter": "caddyfile"}
Jan 22 19:46:10 hnrk.io caddy[11773]: 2020/01/22 18:46:10.657        INFO        admin        admin endpoint started        {"address": "localhost:2019", "enforce_origin": false, "origins": ["localhost:2019"]}
Jan 22 19:46:10 hnrk.io caddy[11773]: 2020/01/22 18:46:10.658        INFO        http        enabling automatic HTTP->HTTPS redirects        {"server_name": "srv0"}
Jan 22 19:46:10 hnrk.io caddy[11773]: 2020/01/22 18:46:10.659        INFO        http        server is listening only on the HTTP port, so no automatic HTTPS will be applied to this server        {"server_name": "srv1", "http_port": 80}
Jan 22 19:46:10 hnrk.io caddy[11773]: 2020/01/22 18:46:10.659        WARN        http        server is listening on same interface as redirects, so automatic HTTP->HTTPS redirects might be overridden by your own configuration        {"server_name": "srv1", "interface": ":80"}
Jan 22 19:46:10 hnrk.io caddy[11773]: 2020/01/22 19:46:10 [INFO][cache:0xc0005bc190] Started certificate maintenance routine
Jan 22 19:46:10 hnrk.io caddy[11773]: 2020/01/22 18:46:10.699        INFO        tls        cleaned up storage units
Jan 22 19:46:10 hnrk.io caddy[11773]: 2020/01/22 18:46:10.699        INFO        http        skipping automatic certificate management because one or more matching certificates are already loaded        {"domain": "draw.hnrk.io", "server_name": "srv0"}
Jan 22 19:46:10 hnrk.io caddy[11773]: 2020/01/22 18:46:10.699        INFO        http        skipping automatic certificate management because one or more matching certificates are already loaded        {"domain": "skip.hnrk.io", "server_name": "srv0"}
Jan 22 19:46:10 hnrk.io caddy[11773]: 2020/01/22 18:46:10.699        INFO        http        skipping automatic certificate management because one or more matching certificates are already loaded        {"domain": "sql.hnrk.io", "server_name": "srv0"}
Jan 22 19:46:10 hnrk.io caddy[11773]: 2020/01/22 18:46:10.699        INFO        http        skipping automatic certificate management because one or more matching certificates are already loaded        {"domain": "frequencies.hnrk.io", "server_name": "srv0"}
Jan 22 19:46:10 hnrk.io caddy[11773]: 2020/01/22 18:46:10.699        INFO        http        skipping automatic certificate management because one or more matching certificates are already loaded        {"domain": "fotos.hnrk.io", "server_name": "srv0"}
Jan 22 19:46:10 hnrk.io caddy[11773]: 2020/01/22 18:46:10.699        INFO        http        skipping automatic certificate management because one or more matching certificates are already loaded        {"domain": "proxy.hnrk.io", "server_name": "srv0"}
Jan 22 19:46:10 hnrk.io caddy[11773]: 2020/01/22 18:46:10.699        INFO        http        skipping automatic certificate management because one or more matching certificates are already loaded        {"domain": "ip.hnrk.io", "server_name": "srv0"}
Jan 22 19:46:10 hnrk.io caddy[11773]: 2020/01/22 18:46:10.699        INFO        http        skipping automatic certificate management because one or more matching certificates are already loaded        {"domain": "zeit.hnrk.io", "server_name": "srv0"}
Jan 22 19:46:10 hnrk.io caddy[11773]: 2020/01/22 18:46:10.699        INFO        http        skipping automatic certificate management because one or more matching certificates are already loaded        {"domain": "postfix.hnrk.io", "server_name": "srv0"}
Jan 22 19:46:10 hnrk.io caddy[11773]: 2020/01/22 18:46:10.699        INFO        http        skipping automatic certificate management because one or more matching certificates are already loaded        {"domain": "mail.hnrk.io", "server_name": "srv0"}
Jan 22 19:46:10 hnrk.io caddy[11773]: 2020/01/22 18:46:10.699        INFO        http        skipping automatic certificate management because one or more matching certificates are already loaded        {"domain": "hnrk.io", "server_name": "srv0"}
Jan 22 19:46:10 hnrk.io caddy[11773]: 2020/01/22 18:46:10.699        INFO        http        skipping automatic certificate management because one or more matching certificates are already loaded        {"domain": "www.hnrk.io", "server_name": "srv0"}
Jan 22 19:46:10 hnrk.io caddy[11773]: 2020/01/22 18:46:10.699        INFO        http        skipping automatic certificate management because one or more matching certificates are already loaded        {"domain": "dns.hnrk.io", "server_name": "srv0"}
Jan 22 19:46:10 hnrk.io caddy[11773]: 2020/01/22 18:46:10.699        INFO        http        enabling automatic TLS certificate management        {"domains": ["www.die-reikiquellen.de", "www.weather-frogs.de", "weather-frogs.de", "www.harmoniks.de", "die-reikiquellen.de", "harmoniks.de"]}
Jan 22 19:46:10 hnrk.io caddy[11773]: 2020/01/22 18:46:10.703        INFO        http        enabling experimental HTTP/3 listener        {"addr": ":443"}
Jan 22 19:46:10 hnrk.io caddy[11773]: 2020/01/22 18:46:10.704        INFO        autosaved config        {"file": "/root/.config/caddy/autosave.json"}
Jan 22 19:46:10 hnrk.io caddy[11773]: 2020/01/22 18:46:10.705        INFO        serving initial configuration
Jan 22 19:46:31 hnrk.io caddy[11773]: 2020/01/22 19:46:31 http: TLS handshake error from 2.202.73.167:17276: no server TLS configuration available for ClientHello: &{CipherSuites:[60138 4865 4866 4867 49195 49199 49196 49200 52393 52392 49171 49172 156 157 47 53 10] ServerName:harmoniks.de SupportedCurves:[2570 29 23 24] SupportedPoints:[0] SignatureSchemes:[1027 2052 1025 1283 2053 1281 2054 1537 513] SupportedProtos:[h2 http/1.1] SupportedVersions:[23130 772 771 770 769] Conn:0xc00028c0f8}
Jan 22 19:46:31 hnrk.io caddy[11773]: 2020/01/22 19:46:31 http: TLS handshake error from 2.202.73.167:17277: no server TLS configuration available for ClientHello: &{CipherSuites:[60138 4865 4866 4867 49195 49199 49196 49200 52393 52392 49171 49172 156 157 47 53 10] ServerName:harmoniks.de SupportedCurves:[47802 29 23 24] SupportedPoints:[0] SignatureSchemes:[1027 2052 1025 1283 2053 1281 2054 1537 513] SupportedProtos:[h2 http/1.1] SupportedVersions:[43690 772 771 770 769] Conn:0xc0000104a0}
Jan 22 19:46:35 hnrk.io caddy[11773]: 2020/01/22 19:46:35 http: TLS handshake error from 2.202.73.167:17279: no server TLS configuration available for ClientHello: &{CipherSuites:[23130 4865 4866 4867 49195 49199 49196 49200 52393 52392 49171 49172 156 157 47 53 10] ServerName:die-reikiquellen.de SupportedCurves:[6682 29 23 24] SupportedPoints:[0] SignatureSchemes:[1027 2052 1025 1283 2053 1281 2054 1537 513] SupportedProtos:[h2 http/1.1] SupportedVersions:[39578 772 771 770 769] Conn:0xc000122220}

So the question is: Did I make a configuration mistake or is this a bug in Caddy v2?
Again, thank you guys for your time! 🙂
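
A log triage for the symptom described in the post above, as an added example that is not part of the original post or of Caddy: it groups the `no server TLS configuration available` handshake errors by SNI and checks each name against the domains the server logged as automatically managed or as covered by an already loaded certificate. The sample lines are constructed and abridged from the log format quoted above; the function name `triage`, the client address and `example.org` are assumptions.

```python
import json
import re
from collections import Counter

# Constructed sample, abridged from the log format quoted in the post
# (192.0.2.10 and example.org are placeholder values).
SAMPLE_LOG = """\
caddy[1]: INFO http skipping automatic certificate management because one or more matching certificates are already loaded {"domain": "hnrk.io", "server_name": "srv0"}
caddy[1]: INFO http enabling automatic TLS certificate management {"domains": ["www.harmoniks.de", "die-reikiquellen.de", "harmoniks.de"]}
caddy[1]: http: TLS handshake error from 192.0.2.10:17276: no server TLS configuration available for ClientHello: &{CipherSuites:[4865] ServerName:harmoniks.de SupportedCurves:[29]}
caddy[1]: http: TLS handshake error from 192.0.2.10:17277: no server TLS configuration available for ClientHello: &{CipherSuites:[4865] ServerName:harmoniks.de SupportedCurves:[29]}
caddy[1]: http: TLS handshake error from 192.0.2.10:17279: no server TLS configuration available for ClientHello: &{CipherSuites:[4865] ServerName:die-reikiquellen.de SupportedCurves:[29]}
caddy[1]: http: TLS handshake error from 192.0.2.10:17280: no server TLS configuration available for ClientHello: &{CipherSuites:[4865] ServerName:example.org SupportedCurves:[29]}
"""

# Startup lines carry a trailing JSON object; handshake errors carry a Go struct dump.
MANAGED = re.compile(r"enabling automatic TLS certificate management\s+(\{.*\})\s*$")
SKIPPED = re.compile(r"skipping automatic certificate management.*?(\{.*\})\s*$")
NO_TLS_CFG = re.compile(
    r"TLS handshake error from \S+: no server TLS configuration "
    r"available for ClientHello: .*?\bServerName:([^\s}]*)"
)


def triage(log_text):
    """Map each failing SNI to (certificate source per startup log, failure count)."""
    managed, manual, failures = set(), set(), Counter()
    for line in log_text.splitlines():
        if m := MANAGED.search(line):
            managed.update(json.loads(m.group(1))["domains"])
        elif m := SKIPPED.search(line):
            manual.add(json.loads(m.group(1))["domain"])
        elif m := NO_TLS_CFG.search(line):
            # A ClientHello without SNI logs an empty ServerName field.
            failures[m.group(1) or "(no SNI)"] += 1

    report = {}
    for sni, count in failures.items():
        if sni in managed:
            source = "automatic"      # announced as managed, yet handshakes fail
        elif sni in manual:
            source = "manual"         # a loaded certificate was reported for it
        else:
            source = "unconfigured"   # name never appeared in the startup log
        report[sni] = (source, count)
    return report


if __name__ == "__main__":
    for name, (source, count) in sorted(triage(SAMPLE_LOG).items()):
        print(f"{name}: {count} failed handshake(s), certificate source: {source}")
```

A name reported as `automatic` with failures is one the server announced management for but could not select a TLS configuration for at handshake time, which is the mismatch the post asks about; `unconfigured` names are usually requests for hosts the server was never told to serve.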