I was able to fix it. It was a bad config on the DNS: it was pointing to the server IP instead of the OPNsense IP to handle the reverse proxy correctly.
Quote from: lucasconde on June 28, 2025, 06:07:54 AM
Hi all, I'm setting up Caddy behind OPNsense and running into an issue that I suspect is either a misconfiguration on my part or a misunderstanding of how NAT and Caddy work together.
Setup details:
- OPNsense as the router
- VLAN 20 for LAN
- VLAN 50 for servers
Caddy is configured and successfully issues Let's Encrypt certificates
The upstream service (Minio) is running over HTTP on port 9001
I created a NAT rule to forward HTTPS traffic to port 9001 on the server, but I'm getting an ERR_SSL_PROTOCOL_ERROR. If I create a NAT rule for plain HTTP instead, it works fine.
A few questions:
- Has anyone experienced this behavior with Minio over HTTP? Could Minio be rejecting the SSL termination from Caddy?
- I assumed that once a handler is set up in the Caddyfile, Caddy would take care of routing automatically—but it seems like it doesn't touch NAT rules. Is that correct?
Any guidance or clarification on how Caddy and OPNsense should interact in this case would be greatly appreciated!
Thanks in advance.