Messages - geffro

#1
Web Proxy Filtering and Caching / Re: Caddy Plugin SOS
February 09, 2025, 02:48:29 PM
So, I'm actually not getting errors in the Caddy logs anymore, which is making me think I've got something wrong somewhere else.
I'm now just getting a 522 timeout error in Firefox or a 525 SSL error in Edge when trying to connect to the domain.

My DNS records in Cloudflare point the domains to my FW WAN.
#2
Web Proxy Filtering and Caching / Re: Caddy Plugin SOS
February 09, 2025, 12:58:47 PM
Thanks!

I changed these settings and it seems like I'm getting a certificate fine now.

However I get an SSL handshake error when trying to access the site.

  • I can access it through the IP of my server locally
  • I checked that the DNS stuff propagated through dnschecker.org
  • Tried accessing it through an incognito browser
  • I don't see traffic being blocked by the FW (looked for blocked HTTPS traffic to/from the server's IP)
  • Tried changing Cloudflare DNS settings from Full (Strict) to Full, Flexible, and Off

If all looks right and this is outside the purview of Caddy/OPNsense, I can go looking on the Cloudflare forums.
#3
Web Proxy Filtering and Caching / Caddy Plugin SOS
February 09, 2025, 12:14:31 AM
Hey Everyone,

I keep getting an error when Caddy tries to generate a certificate for my domains. I also turned SSL off in Cloudflare and changed to HTTP only in Caddy which resulted in a time out error when trying to access the domain.

Here's my setup:

  • I bought a domain from Cloudflare and set DNS records for it and the sub-domains pointing to my WAN address
  • made 2 rules on the WAN interface to allow any traffic with the destination of my Firewall on HTTP+HTTPS
  • made DMZ rules (where my Server is) allowing HTTP + HTTPS traffic with a destination of my Firewall
  • set up Caddy plugin with my domains according to the official guide (Caddyfile attached)
  • my subnets are segregated but the DMZ subnet has access to the internet
  • made DMZ rules allowing HTTP + HTTPS traffic with a destination of my Server (it says you don't need to do this in the guide but)

I tried the basic troubleshooting in the guide.
The rest of the FW is working fine in terms of INET access.

I'm sure I missed something dumb but I'm just spinning my tires here.

Thanks