caddyserver / caddy

Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS
https://caddyserver.com
Apache License 2.0

Tls self_signed - Not working correctly since a few versions #2502

Closed magikstm closed 4 years ago

magikstm commented 5 years ago

1. Which version of Caddy are you using (caddy -version)?

Caddy 0.11.5 (non-commercial use only)

2. What are you trying to do?

Use tls self_signed for a local development Caddy server.

3. What is your Caddyfile?

:2021 {
    root C:\sites\1
    log "" access2019.log "{remote} | {>User-Agent} | {user} | {when} | {method} | {uri} | {proto} | {status} | {size} | {latency_ms}"

    gzip
    on startup php_cgi2.bat &
    fastcgi / 127.0.0.1:6545 php
    tls self_signed
}

4. How did you run Caddy (give the full command and describe the execution environment)?

I'm using Windows 7 x64.

I typed "caddy" in cmd in the folder containing caddy.exe.

5. Please paste any relevant HTTP request(s) here.

N/A

6. What did you expect to see?

Server starting and running normally.

7. What did you see instead (give full error messages and/or log)?

2019/03/04 19:39:27 self-signed: certificate has no names

8. Why is this a bug, and how do you think this should be fixed?

It doesn't respect the docs here: https://caddyserver.com/docs/tls

It worked correctly with Caddy 0.11.1.

9. What are you doing to work around the problem in the meantime?

I commented this line:

tls self_signed

10. Please link to any related issues, pull requests, and/or discussion.

https://caddy.community/t/tls-self-signed-windows-7-x64-caddy-0-11-5/5299

Bonus: What do you use Caddy for? Why did you choose Caddy?

mholt commented 5 years ago

Thanks for the report. I could reproduce it. This one might require a change in CertMagic to fix fully.

francislavoie commented 5 years ago

@STaRDoGG see PR #2531, it's a work in progress.

linquize commented 5 years ago

Should this issue be fixed in 1.0.0? Many users use self-signed certs for development purposes.

mholt commented 5 years ago

I'll get around to it soon. It's not a blocker for 1.0, and I'm currently redesigning how self-signed certs are managed.

magikstm commented 4 years ago

Is this issue still considered for Caddy 1.x?

I tested with Caddy 1.0.3 and I still have the issue.

mholt commented 4 years ago

It will probably be worked on more for Caddy 2, tbh. Caddy 2 is really close to being "done" (for an initial stable release).

sergeevabc commented 4 years ago

Agggrrrhh. What’s the proper way to get HTTPS working on localhost with Caddy2?

localhost, localhost:80, localhost:443
tls self_signed
file_server browse
encode zstd gzip

outputs

run: adapting config using caddyfile: parsing caddyfile tokens for 'tls':
Caddyfile:2 - Error during parsing: single argument must be an email address

mholt commented 4 years ago

There is no self_signed in Caddy 2. The v1 implementation was bad. I have a call today with a company to discuss implementing something better than it over the next few months, so just hang tight.

mholt commented 4 years ago

Anyone interested in this please follow #3125 and try it out ASAP, it will be the successor to the v1 self_signed feature. Thanks!

sergeevabc commented 4 years ago

@mholt, how is one supposed to try it if there is no binary attached?

mholt commented 4 years ago

For now, just clone the branch and run go build from the cmd/caddy folder.

francislavoie commented 4 years ago

@sergeevabc you should also be able to try it with one of the CI build artifacts: https://dev.azure.com/mholt-dev/Caddy/_build/results?buildId=927&view=artifacts&type=publishedArtifacts

sergeevabc commented 4 years ago

I managed to download Caddy2’s binary thanks to @francislavoie, but I'm not sure how to proceed with configuration, because I do not and never will use JSON for configuration. The Caddyfile looks as follows:

localhost:80
file_server browse
encode zstd gzip

I tried adding issuer internal, but with no success. What should I add there?

francislavoie commented 4 years ago

If you read the PR, you'll see that Caddyfile support isn't ready yet for this feature. In the meantime, you can easily convert your Caddyfile config to JSON with the caddy adapt command and go from there.