I have letsencrypt certificates fullchain.pem and privkey.pem. I want to start caddy docker with them and use that local certificates files I uploaded.
4. Error messages and/or full log output:
2019/10/12 15:17:43 /etc/Caddyfile:3 - Error during parsing: Unable to load certificate and key files for ‘status.serverkurma.com’: open /opt/certs/fullchain.pem: no such file or directory
5. What I already tried:
chaning tsl block and didnt help anything. Changed permissions of certs folder.
My cert files in /opt folder
drw-r----- 2 root www-data 4096 Oct 12 17:14 certs/
2019/10/12 19:07:54 [INFO] Successfully loaded TLS assets from /etc/ssl/fullchain.pem and /etc/ssl/privkey.pem
Activating privacy features... done.
Serving HTTPS on port 2015
https://status.serverkurma.com:2015
2019/10/12 19:07:54 [INFO] Serving https://status.serverkurma.com:2015
2019/10/12 19:07:54 [INFO][cache:0xc000032820] Started certificate maintenance routine
2019/10/12 19:07:54 [WARNING] Sending telemetry (attempt 1): Post https://telemetry.caddyserver.com/v1/update/9c4a6c78-3cbb-41ad-be77-d02eac89f471: x509: certificate signed by unknown authority - backing off and retrying
2019/10/12 19:08:02 [WARNING] Sending telemetry (attempt 2): Post https://telemetry.caddyserver.com/v1/update/9c4a6c78-3cbb-41ad-be77-d02eac89f471: x509: certificate signed by unknown authority - backing off and retrying
2019/10/12 19:08:30 [WARNING] Sending telemetry (attempt 3): Post https://telemetry.caddyserver.com/v1/update/9c4a6c78-3cbb-41ad-be77-d02eac89f471: x509: certificate signed by unknown authority - backing off and retrying
2019/10/12 19:09:34 [ERROR] Sending telemetry: Post https://telemetry.caddyserver.com/v1/update/9c4a6c78-3cbb-41ad-be77-d02eac89f471: x509: certificate signed by unknown authority
Since you provided keys, Automatic HTTPS is disabled. With Automatic HTTPS disabled, Caddy does not manage your certificate, set up a redirect listener, or move the port to 443 - it sticks with the default port 2015.
You’d have to configure your sites manually to replicate the behaviour of Automatic HTTPS.
As a quick note also, the port is implicit in the scheme, so instead of specifying :443 for example you could use https:// (which I find looks nicer and is more intuitive).