Caddy: Tls self_signed - Not working correctly since a few versions

Created on 5 Mar 2019  ·  14 Comments  ·  Source: caddyserver/caddy

1. Which version of Caddy are you using (caddy -version)?


Caddy 0.11.5 (non-commercial use only)

2. What are you trying to do?


Use tls self_signed for a local development Caddy server.

3. What is your Caddyfile?


:2021 {
root C:\sites\1
log "" access2019.log "{remote} | {>User-Agent} | {user} | {when} | {method} | {uri} | {proto} | {status} | {size} | {latency_ms}"

gzip
on startup php_cgi2.bat &
fastcgi / 127.0.0.1:6545 php
tls self_signed
}

4. How did you run Caddy (give the full command and describe the execution environment)?


I'm using Windows 7 x64.

I typed "caddy" in cmd in the folder containing caddy.exe.

5. Please paste any relevant HTTP request(s) here.


N/A

6. What did you expect to see?


Server starting and running normally.

7. What did you see instead (give full error messages and/or log)?

2019/03/04 19:39:27 self-signed: certificate has no names

8. Why is this a bug, and how do you think this should be fixed?


It doesn't respect docs here:
https://caddyserver.com/docs/tls

It worked correctly with Caddy 0.11.1.

9. What are you doing to work around the problem in the meantime?


I commented this line:

tls self_signed

10. Please link to any related issues, pull requests, and/or discussion.


https://caddy.community/t/tls-self-signed-windows-7-x64-caddy-0-11-5/5299

Bonus: What do you use Caddy for? Why did you choose Caddy?

Label: bug
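An added Go example (not Caddy's or CertMagic's code) of the failure reported above. It assumes the error arises because the site address `:2021` carries no hostname that could go into the certificate's subject alternative names; `selfSigned` is a hypothetical helper and the error string only mirrors the log line in the report.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"net"
	"time"
)

// selfSigned (hypothetical helper) issues a dev-only self-signed leaf for a site address.
func selfSigned(addr string) (*x509.Certificate, error) {
	host, _, err := net.SplitHostPort(addr) // ":2021" parses to host ""
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(time.Now().UnixNano()), // acceptable for local dev only
		Subject:      pkix.Name{Organization: []string{"Local dev (constructed)"}},
		NotBefore:    time.Now().Add(-time.Minute),
		NotAfter:     time.Now().Add(7 * 24 * time.Hour),
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	if ip := net.ParseIP(host); ip != nil {
		tmpl.IPAddresses = []net.IP{ip} // IP literals belong in the IP SAN list
	} else if host != "" {
		tmpl.DNSNames = []string{host}
	}
	if len(tmpl.DNSNames)+len(tmpl.IPAddresses) == 0 {
		return nil, fmt.Errorf("self-signed: certificate has no names")
	}
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

func main() {
	_, bad := selfSigned(":2021")
	ok, _ := selfSigned("localhost:2021")
	fmt.Println(bad, ok.DNSNames)
}
```

Under that assumption, giving the site an explicit host such as `localhost:2021` supplies a name for the certificate, and clients can then verify the hostname against it.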


All 14 comments

Thanks for the report. I could reproduce it. This one might require a change in CertMagic to fix fully.

@STaRDoGG see PR #2531, it's a work in progress.

Should this issue be fixed in 1.0.0? Many users use self-signed certs for development purposes.

I'll get around to it soon. It's not a blocker for 1.0, and I'm currently redesigning how self-signed certs are managed.

Is this issue still considered for Caddy 1.x?

I tested with Caddy 1.0.3 and I still have the issue.

It will probably be worked on more for Caddy 2, tbh. Caddy 2 is really close to being "done" (for an initial stable release).

Agggrrrhh. What’s the proper way to get HTTPS working on localhost with Caddy2?

localhost, localhost:80, localhost:443
tls self_signed
file_server browse
encode zstd gzip

outputs

run: adapting config using caddyfile: parsing caddyfile tokens for 'tls':
Caddyfile:2 - Error during parsing: single argument must be an email address

There is no self_signed in Caddy 2. The v1 implementation was bad. I have a call today with a company to discuss implementing something better than it over the next few months, so just hang tight.

Anyone interested in this please follow #3125 and try it out ASAP, it will be the successor to the v1 self_signed feature. Thanks!

@mholt, how is one supposed to try it if there is no binary attached?

For now, just clone the branch and run go build from the cmd/caddy folder.

@sergeevabc you should also be able to try it with one of the CI build artifacts: https://dev.azure.com/mholt-dev/Caddy/_build/results?buildId=927&view=artifacts&type=publishedArtifacts

I managed to download Caddy2’s binary thanks to @francislavoie, but I'm not sure how to proceed with configuration, because I do not and never will use JSON for configuration. The Caddyfile looks as follows:

localhost:80
file_server browse
encode zstd gzip

I tried adding issuer internal, but with no success. What should I add there?

If you read the PR, you'll see that Caddyfile support isn't ready yet for this feature. In the meantime, you can easily convert your Caddyfile config to JSON with the caddy adapt command and go from there.
