1. The problem I’m having:
Getting a Secure Connection Failed SSL_ERROR_INTERNAL_ERROR_ALERT
error on the www. subdomain of my site. I can reach the naked domain as expected, but cannot reach the www. subdomain as browser thinks it is insecure.
I’ve got an Ubuntu 20.04 server running on Digital Ocean. I followed this tutorial to get Caddy running.
Digital Ocean domain settings:
- A record with
example.com
as hostname that directs to my DO server IP address - CNAME with
www.example.com
as hostname that is an alias of A record hostname
2. Error messages and/or full log output:
Browser error message when trying to visit www.example.com:
SSL_ERROR_INTERNAL_ERROR_ALERT
3. Caddy version:
v2.6.4 h1:2hwYqiRwk1tf3VruhMpLcYTg+11fCdr8S3jhNAdnPy8=
4. How I installed and ran Caddy:
Built Caddy from xcaddy, with the digitalocean dns plugin.
I followed the instructions on a Digital Ocean tutorial. While it is recommended to use the official Caddy install docs, the DO guide seems similar enough to the Caddy docs, but also provides further details that the Caddy docs seemed to assume.
a. System environment:
Ubuntu 20.04
b. Command:
sudo systemctl restart caddy # restart caddy
sudo systemctl enable caddy # enable caddy so it runs on boot
c. Service/unit/compose file:
[Unit]
Description=Caddy
Documentation=https://caddyserver.com/docs/
After=network.target network-online.target
Requires=network-online.target
[Service]
Type=notify
User=caddy
Group=caddy
Environment=DO_AUTH_TOKEN=[redacted]
ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile --force
TimeoutStopSec=5s
LimitNOFILE=1048576
LimitNPROC=512
PrivateTmp=true
ProtectSystem=full
AmbientCapabilities=CAP_NET_BIND_SERVICE
[Install]
WantedBy=multi-user.target
d. My complete Caddy config:
zelip.org {
root * /var/www
encode gzip
file_server
tls {
dns digitalocean {env.DO_AUTH_TOKEN}
}
}
5. Links to relevant resources:
The instructions I used to build/use Caddy, How To Host a Website with Caddy on Ubuntu 22.04 | DigitalOcean