I have a site I access via https://172.21.0.33:8443
(this is a docker network). In order to simplify the URLs, I wanted to proxify a FQDN to that site:
https://unifi.example.info {
proxy / https://172.21.0.33:8443 {
insecure_skip_verify
transparent
}
}
My intent was to have Caddy forward the traffic to 172.21.0.33:8443
without terminating the TLS connection itself (the TLS connection is handled by 172.21.0.33
). When requesting https://unifi.example.info the call fails with a error:14094438:SSL routines:ssl3_read_bytes:tlsv1 alert internal error
and I see in Caddy logs
2019/07/31 17:57:26 http: TLS handshake error from 192.168.10.251:9191: no certificate available for 'unifi.example.info'
Why is Caddy looking for a cert while it should simply forward the call?