WSL2 Issues - tls: unknown certificate

1. Caddy version 2.0.0

2. How I run Caddy:

Running WSL 2 with Ubuntu 20.04. I typically set up local domains for hosting; e.g., kaitlynconcilio.test. The hosts file is configured on the Windows host and a Mac that’s trying to access via the network. The Windows IP address is 192.168.1.22, and connected via bridge/port forwarding to the WSL 2 layer (per [WSL 2] NIC Bridge mode 🖧 (Has TCP Workaround🔨) · Issue #4150 · microsoft/WSL · GitHub) on ports 22, 80, 8080 and 443.

a. System environment:

Windows 10 Build 19041
WSL 2 Ubuntu 20.04
Caddy 2

b. Command:

sudo caddy start

d. My complete Caddyfile or JSON config:

(I am not certain that I have the PHP parts right, but I need to get this working before I can test those)

{
    default_sni '192.168.1.22'
    local_certs
}

kaitlynconcilio.test
    root * /home/kaitlyn/Sites/kaitlynconcilio.com/Public
    php_fastcgi unix//var/run/php/php7.4-fpm.sock
    file_server

3. The problem I’m having:

When I try to access kaitlynconcilio.test, first the browser complains the certificate is funky (expected). But then it throws a 500 error and says the page isn’t working. On the command line, it outputs

2020/05/26 00:13:58 http: TLS handshake error from 172.30.96.1:57031: remote error: tls: unknown certificate

every time a request comes in, though the port changes.

5. What I already tried:

I tried to forward the port that the TLS handshake was coming through on to see if that would help, but gave up as it’s a large moving target (moved around at least within a range of ~2000 ports).

I tried including the default_sni as advised in one of the other posts about issues with Docker networking; I’m fairly certain the problem has something to do with how the request comes through.

The WSL2 IP address is 172.30.105.91; I assume 172.30.96.1 is the Windows host from the inside, but am not sure how to confirm it. I hope there’s a simple configuration I’m missing somewhere, but I’m worried it’s going to be one of those “WSL2 is a WIP” things that might just have to wait until they get it all straightened out.

Check that, I tried my actual brain and did a respond “hi” block and it worked, so I need to work on my other configurations. I will dig around further before bothering anyone else.

What was the issue ultimately? I’m sure someone else who comes along and finds this would be curious to know.

To be honest, I’m fairly certain the problem is that my PHP configuration isn’t working, and the tls handshake error is not an issue (I tried accessing a static file and it works fine). I did add a “tls internal” under the domain, but I’m not 100% certain it’s actually doing anything.
