taskserver icon indicating copy to clipboard operation
taskserver copied to clipboard

Published 20 hours ago verified publisher icon GothenburgBitFactory

Setting the port to 443 (https) results in 'Malformed message' error

Open jakec-dev opened this issue 2 years ago • 2 comments

vars:

BITS=4096
EXPIRATION_DAYS=365
ORGANIZATION="#####"
CN=task.#####.dev
COUNTRY=###
STATE="#####"
LOCALITY="#####"

docker-compose.yml:

version: '3.3'

services:
  taskd:
    restart: always
    image: connectical/taskd
    volumes:
      - /opt/task:/var/taskd
    ports:
      - 53589:53589

networks:
  default:
    external:
      name: caddy_net

Caddyfile:

task.#####.dev {
  reverse_proxy taskd:53589
  tls {
    dns cloudflare #####
  }
}

taskrc:

taskd.key=~/Documents/task/client.key.pem
taskd.ca=~/Documents/task/ca.cert.pem
taskd.server=task.#####.dev:443
taskd.credentials=#####/#####/#####-#####-#####
taskd.certificate=~/Documents/task/client.cert.pem
#taskd.trust=allow all
taskd.trust=ignore hostname

Result of task sync init:

Please confirm that you wish to upload all your tasks to the Taskserver (yes/no) yes
Syncing with task.#####.dev:443

Malformed message
Sync failed.  Could not connect to the Taskserver.

jakec-dev avatar Dec 31 '21 22:12 jakec-dev

Does this happen if caddy is circumvented, i.e. connecting via localhost:443?

tbabej avatar Dec 31 '21 23:12 tbabej

Are you certain caddy can tunnel a mTLS session? pretty sure reverse_proxy is for http(2) in caddy. The protocol is lines json over mtls with no HTTP use.

jrabbit avatar Jan 01 '22 17:01 jrabbit