V2: MiddlewareHandler Module with HTTPS

I write a module as MiddlewareHandler to service git webhook request.
Here is the repo link: GitHub - WingLim/caddy-webhook: Caddy v2 module for serving a webhook.

But I got a problem, which releated to https.

I use the Caddyfile below to run a caddy server.

localhost

root * www
file_server

route /webhook {
	webhook {
		repo https://github.com/WingLim/winglim.github.io.git
		branch master
		path www
		depth 1
		type github
	}
}

Then, when I browse the localhost, the https works.
But when I request the localhost/webhook, the https didn’t work.

You can check what I say in https://limxw.com and https://limxw.com/webhook

I try to use postman to test the /webhook, it hint me this.
image

Can anybody tell me why, or which code I need to add.

When serving localhost, Caddy will automatically use a local CA to issue certificates, and install the root certificate to your system’s trust store, but Postman might not use the system trust store. In that case, you’ll need to point Postman to the root certificate. You can find it in Caddy’s data storage (the storage location depends on how you’re running Caddy and on what system) at pki/authorities/local/root.crt

It works for testing with postman.
But another question is, in the chrome with a real domain.


This is because of the chrome or caddy?
I try to add HSTS to chrome with this domain, still like this.

Well, what does your Caddyfile look like, and what’s in your logs?

Caddyfile is here:

limxw.com {
  tls 643089849@qq.com
  encode gzip

  log {
    output file /var/log/access.log
  }

  root blog
  file_server
  
  route /webhook {
    webhook {
      repo https://github.com/WingLim/winglim.github.io.git
      branch master
      path blog
      secret balabala
    }
  }
}

And the access.log for one request send by my chrome is here:

{"level":"error","ts":1619323546.815298,"logger":"http.log.access.log0","msg":"handled request","request":{"remote_addr":"117.147.13.197:3183","proto":"HTTP/2.0","method":"GET","host":"limxw.com","uri":"/webhook","headers":{"Sec-Ch-Ua-Mobile":["?0"],"Dnt":["1"],"Sec-Fetch-Mode":["navigate"],"Sec-Fetch-Dest":["document"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9"],"Sec-Fetch-Site":["none"],"Sec-Fetch-User":["?1"],"Accept-Encoding":["gzip, deflate, br"],"Cache-Control":["max-age=0"],"Sec-Ch-Ua":["\" Not A;Brand\";v=\"99\", \"Chromium\";v=\"90\", \"Google Chrome\";v=\"90\""],"Upgrade-Insecure-Requests":["1"],"User-Agent":["Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36"],"Accept-Language":["en-US,en;q=0.9,zh-CN;q=0.8,zh;q=0.7"]},"tls":{"resumed":true,"version":772,"cipher_suite":4865,"proto":"h2","proto_mutual":true,"server_name":"limxw.com"}},"common_log":"117.147.13.197 - - [25/Apr/2021:04:05:46 +0000] \"GET /webhook HTTP/2.0\" 500 0","duration":0.000076297,"size":0,"status":500,"resp_headers":{"Server":["Caddy"]}}

I test the same GET request in postman, the postman tells me SSL work.
The logs of postman request:

{"level":"error","ts":1619323754.1526093,"logger":"http.log.access.log0","msg":"handled request","request":{"remote_addr":"117.147.13.197:3917","proto":"HTTP/1.1","method":"GET","host":"limxw.com","uri":"/webhook","headers":{"Referer":["http://limxw.com/webhook"],"User-Agent":["PostmanRuntime/7.26.10"],"Accept":["*/*"],"Postman-Token":["d5c9f640-da75-48f9-ad19-88c3213dcfc6"],"Accept-Encoding":["gzip, deflate, br"],"Connection":["keep-alive"]},"tls":{"resumed":true,"version":772,"cipher_suite":4865,"proto":"","proto_mutual":true,"server_name":"limxw.com"}},"common_log":"117.147.13.197 - - [25/Apr/2021:04:09:14 +0000] \"GET /webhook HTTP/1.1\" 500 0","duration":0.000118742,"size":0,"status":500,"resp_headers":{"Server":["Caddy"]}}

The most difference is the protocol, chrome use HTTP/2.0 and postman use HTTP/1.1, will it be the reason?

I do the same things which is just request the /webhook in safari.
In safari the https just work, so it was something wrong with chrome settings maybe.

Test on firefox, https works too.

I don’t mean the access logs, I mean Caddy’s regular log output. You didn’t fill out the help topic template so I don’t know how you’re running Caddy but, there’s a stream of logs output to stdout/stderr that you should look at to see what happened with ACME certificate issuance.

If it’s working in other browsers though, then Chrome probably is just caching something incorrectly. Clear out your browser’s state and try again.

This topic was automatically closed after 30 days. New replies are no longer allowed.