I'm running a Caddy server as a Docker container and I get a TLS error. Here's what it spits out when I try to debug it with curl -v https://local.blah.com:
* ALPN: curl offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: /etc/ssl/certs
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (OUT), TLS alert, unknown CA (560):
* SSL certificate problem: unable to get local issuer certificate
* Closing connection
The certs are inside /etc/certs and I've double-checked that the folder isn't empty.
After inspecting the Caddyfile:
https://*.blah.com {
    reverse_proxy web {
        header_up -x-forwarded-proto
    }
    tls /etc/certs/cert.pem /etc/certs/key.pem
    header -server
}
I think this clearly specifies where to find the files, so I'm even confused why curl checks /etc/ssl/certs.
Thanks in advance.
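
Added example, not part of the original post: the tls directive in the Caddyfile sets the certificate the server presents, while the CAfile and CApath lines in the curl output name the trust store the client validates that certificate against. This script checks a copy of cert.pem against that store on the machine where curl runs; the function names and the CERT and CA_BUNDLE variables are assumptions of the example, and it needs the openssl CLI.

```shell
#!/bin/sh
# Added diagnostic, not from the original post. Defaults mirror the post's paths.
CERT="${CERT:-/etc/certs/cert.pem}"                          # served by Caddy's tls directive
CA_BUNDLE="${CA_BUNDLE:-/etc/ssl/certs/ca-certificates.crt}" # CAfile from curl -v

# Count certificates in a PEM file: 1 means leaf only, more means leaf plus chain.
count_pem_certs() {
    grep -c -e '-----BEGIN CERTIFICATE-----' "$1" || true
}

# Verify the first certificate in $1 against the trust anchors in $2, offering
# the rest of $1 as untrusted intermediates, as a TLS client does with the chain
# it receives. OpenSSL may also consult its default CA directory, much as curl
# consults CApath. Prints "trusted" or "untrusted".
verify_like_client() {
    if openssl verify -CAfile "$2" -untrusted "$1" "$1" >/dev/null 2>&1; then
        echo trusted
    else
        echo untrusted
    fi
}

# Report who issued the leaf and whether the client's bundle can anchor it.
diagnose() {
    echo "certificates in $1: $(count_pem_certs "$1")"
    openssl x509 -in "$1" -noout -subject -issuer
    echo "against $2: $(verify_like_client "$1" "$2")"
}

# Run only where a copy of the certificate is readable.
if [ -r "$CERT" ]; then
    diagnose "$CERT" "$CA_BUNDLE"
fi
```

If subject and issuer are identical the certificate is self-signed, and "untrusted" then means its issuer is simply not in the client's bundle.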