Tls self_signed - Not working correctly since a few versions #2502

Closed
magikstm opened this issue Mar 5, 2019 · 14 comments

@magikstm

magikstm commented Mar 5, 2019

1. Which version of Caddy are you using (caddy -version)?

Caddy 0.11.5 (non-commercial use only)

2. What are you trying to do?

Use tls self_signed for a local development Caddy server.

3. What is your Caddyfile?

:2021 {
root C:\sites\1
log "" access2019.log "{remote} | {>User-Agent} | {user} | {when} | {method} | {uri} | {proto} | {status} | {size} | {latency_ms}"

gzip
on startup php_cgi2.bat &
fastcgi / 127.0.0.1:6545 php
tls self_signed
}

4. How did you run Caddy (give the full command and describe the execution environment)?

I'm using Windows 7 x64.

I typed "caddy" in cmd in the folder containing caddy.exe.

5. Please paste any relevant HTTP request(s) here.

N/A

6. What did you expect to see?

Server starting and running normally.

7. What did you see instead (give full error messages and/or log)?

2019/03/04 19:39:27 self-signed: certificate has no names

8. Why is this a bug, and how do you think this should be fixed?

It doesn't respect docs here:
https://caddyserver.com/docs/tls

It worked correctly with Caddy 0.11.1.

9. What are you doing to work around the problem in the meantime?

I commented this line:

tls self_signed

10. Please link to any related issues, pull requests, and/or discussion.

https://caddy.community/t/tls-self-signed-windows-7-x64-caddy-0-11-5/5299

Bonus: What do you use Caddy for? Why did you choose Caddy?

@mholt mholt added the bug 🐞 Something isn't working label Mar 5, 2019
@abiosoft abiosoft self-assigned this Mar 8, 2019
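
The error in item 7 says the self-signed certificate was given no names, and the site address in the Caddyfile above, `:2021`, has a port but no host. Assuming that empty host is what leaves the certificate without names, the following Go example (added here for illustration, not part of the original report and not Caddy or CertMagic code; `selfSigned` and its inputs are hypothetical) shows a generator that turns names into subject alternative names and refuses to issue a certificate when there are none:

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"net"
	"time"
)

// selfSigned builds a one-week self-signed cert; IP literals become IP SANs, other names DNS SANs.
func selfSigned(names []string) (*x509.Certificate, error) {
	tpl := &x509.Certificate{
		SerialNumber: big.NewInt(time.Now().UnixNano()),
		Subject:      pkix.Name{CommonName: "local development"},
		NotBefore:    time.Now().Add(-time.Minute),
		NotAfter:     time.Now().Add(7 * 24 * time.Hour),
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	for _, n := range names {
		if ip := net.ParseIP(n); ip != nil {
			tpl.IPAddresses = append(tpl.IPAddresses, ip)
		} else if n != "" {
			tpl.DNSNames = append(tpl.DNSNames, n)
		}
	}
	// Without SANs the certificate can match no hostname, so fail early.
	if len(tpl.DNSNames)+len(tpl.IPAddresses) == 0 {
		return nil, fmt.Errorf("certificate has no names")
	}
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	der, err := x509.CreateCertificate(rand.Reader, tpl, tpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

func main() {
	_, err := selfSigned([]string{""}) // constructed input: empty host, as in ":2021"
	fmt.Println(err)
}
```
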
@mholt
Member

mholt commented Mar 9, 2019

Thanks for the report. I could reproduce it. This one might require a change in CertMagic to fix fully.

@francislavoie
Member

@STaRDoGG see PR #2531, it's a work in progress.

@linquize
Contributor

Should this issue be fixed in 1.0.0? Many users use self-signed certs for development purposes.

@mholt
Member

mholt commented Apr 20, 2019

I'll get around to it soon. It's not a blocker for 1.0, and I'm currently redesigning how self-signed certs are managed.

@magikstm
Author

Is this issue still considered for Caddy 1.x?

I tested with Caddy 1.0.3 and I still have the issue.

@mholt
Member

mholt commented Nov 11, 2019

It will probably be worked on more for Caddy 2, tbh. Caddy 2 is really close to being "done" (for an initial stable release).

@sergeevabc

Agggrrrhh. What’s the proper way to get HTTPS working on localhost with Caddy2?

localhost, localhost:80, localhost:443
tls self_signed
file_server browse
encode zstd gzip

outputs

run: adapting config using caddyfile: parsing caddyfile tokens for 'tls':
Caddyfile:2 - Error during parsing: single argument must be an email address

@mholt
Member

mholt commented Feb 3, 2020

There is no self_signed in Caddy 2. The v1 implementation was bad. I have a call today with a company to discuss implementing something better than it over the next few months, so just hang tight.

@mholt
Member

mholt commented Mar 7, 2020

Anyone interested in this please follow #3125 and try it out ASAP, it will be the successor to the v1 self_signed feature. Thanks!

@mholt mholt closed this as completed Mar 7, 2020
@sergeevabc

@mholt, how is one supposed to try it if there is no binary attached?

@mholt
Member

mholt commented Mar 7, 2020

For now, just clone the branch and run go build from the cmd/caddy folder.

@francislavoie
Member

@sergeevabc you should also be able to try it with one of the CI build artifacts: https://dev.azure.com/mholt-dev/Caddy/_build/results?buildId=927&view=artifacts&type=publishedArtifacts

@sergeevabc

I managed to download Caddy2’s binary thanks to @francislavoie, but not sure how to proceed with configuration, because I do not and never will use JSON for configuration. Caddyfile looks as follows

localhost:80
file_server browse
encode zstd gzip

I tried adding issuer internal, but with no success. What should I add there?

@francislavoie
Member

If you read the PR, you'll see that Caddyfile support isn't ready yet for this feature. In the meantime, you can easily convert your Caddyfile config to JSON with the caddy adapt command and go from there.

mholt added a commit that referenced this issue Mar 13, 2020
…es (#3125)

* pki: Initial commit of PKI app (WIP) (see #2502 and #3021)

* pki: Ability to use root/intermediates, and sign with root

* pki: Fix benign misnamings left over from copy+paste

* pki: Only install root if not already trusted

* Make HTTPS port the default; all names use auto-HTTPS; bug fixes

* Fix build - what happened to our CI tests??

* Fix go.mod