10 hours ago I created a wildcard certificate for my domain “paypack.rw”. It took time for the certificate to get ready because my DNS, being Cloudflare, was in the way with its proxying. Turning it off for a bit worked. The app itself is Caddy serving as a proxy to two other apps, each on its own subdomain. Later I wanted to serve something on the root but I’m failing to establish a TLS connection, even after deactivating everything Cloudflare except DNS, even though it works over HTTP.
✗ curl -v https://paypack.rw
* Rebuilt URL to: https://paypack.rw/
* Trying 213.188.209.3...
* TCP_NODELAY set
* Trying 2a09:8280:1:de13:15:1d4c:cffe:d09b...
* TCP_NODELAY set
* Immediate connect fail for 2a09:8280:1:de13:15:1d4c:cffe:d09b: Network is unreachable
* Trying 2a09:8280:1:de13:15:1d4c:cffe:d09b...
* TCP_NODELAY set
* Immediate connect fail for 2a09:8280:1:de13:15:1d4c:cffe:d09b: Network is unreachable
* Connected to paypack.rw (213.188.209.3) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS alert, Server hello (2):
* error:14094419:SSL routines:ssl3_read_bytes:tlsv1 alert access denied
* stopped the pause stream!
* Closing connection 0
curl: (35) error:14094419:SSL routines:ssl3_read_bytes:tlsv1 alert access denied
The Caddy configuration has HTTPS turned off:
{
    debug
    auto_https off
    admin 0.0.0.0:2019
}

:80 {
    log {
        level DEBUG
        output stderr
    }
    respond "Im healthy!" 200
}

# I added this part after....
http://{$DOMAIN}, http://www.{$DOMAIN} {
    respond "Coming soon!" 200
}

http://payments.{$DOMAIN} {
    reverse_proxy payments.internal:8080
}

http://wages.{$DOMAIN} {
    reverse_proxy wages.internal:8080
}
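
An added example, not part of the original post: it unpacks the OpenSSL 1.x error code from the curl output above into the TLS alert it carries, and checks which of the Caddyfile's hostnames a wildcard name covers under RFC 6125 matching. The function names, the certificate's name list (only `*.paypack.rw`) and `{$DOMAIN}` being `paypack.rw` are assumptions.

```python
import re

# TLS alert numbers (RFC 8446 section 6), subset seen when a server refuses a handshake.
TLS_ALERTS = {40: "handshake_failure", 49: "access_denied",
              80: "internal_error", 112: "unrecognized_name"}

def decode_openssl_error(line):
    """Unpack an OpenSSL 1.x error code: lib (8 bits) | func (12) | reason (12)."""
    m = re.search(r"error:([0-9A-Fa-f]{8}):", line)
    if not m:
        raise ValueError("no OpenSSL error code found")
    code = int(m.group(1), 16)
    reason = code & 0xFFF
    # For alerts received from the peer, OpenSSL sets reason = 1000 + alert number.
    alert = reason - 1000 if 1000 < reason <= 1255 else None
    return {"lib": code >> 24, "func": (code >> 12) & 0xFFF,
            "reason": reason, "alert": alert, "alert_name": TLS_ALERTS.get(alert)}

def wildcard_covers(cert_name, host):
    """RFC 6125 match: '*' is a whole left-most label and stands for exactly one label."""
    c = cert_name.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(c) != len(h) or "" in h:
        return False
    return c[1:] == h[1:] and (c[0] == "*" or c[0] == h[0])

def triage(curl_error_line, cert_names, site_hosts):
    """Return the alert name and the hosts that no certificate name covers."""
    alert = decode_openssl_error(curl_error_line)["alert_name"]
    uncovered = [h for h in site_hosts
                 if not any(wildcard_covers(n, h) for n in cert_names)]
    return alert, uncovered

# Error line copied from the curl output in the post.
CURL_LINE = ("curl: (35) error:14094419:SSL routines:ssl3_read_bytes:"
             "tlsv1 alert access denied")
# Assumption: the certificate lists only the wildcard name.
CERT_NAMES = ["*.paypack.rw"]
# Site addresses from the Caddyfile, assuming {$DOMAIN} is paypack.rw.
SITE_HOSTS = ["paypack.rw", "www.paypack.rw",
              "payments.paypack.rw", "wages.paypack.rw"]

if __name__ == "__main__":
    print(decode_openssl_error(CURL_LINE))
    print(triage(CURL_LINE, CERT_NAMES, SITE_HOSTS))
```

If the certificate also lists the bare domain as a separate name, add it to `CERT_NAMES` and the uncovered list becomes empty.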