sablier icon indicating copy to clipboard operation
sablier copied to clipboard
verified publisher icon acouvreur

Caddy with SSL does not work for dynamic loading screen

Open valankar opened this issue 1 year ago • 3 comments

Describe the bug When using HTTPS endpoint, it seems the dynamic loading screen does not work. Here is the curl output:

valankar@debian ~/caddy> curl -v https://valankar.ftp.sh/accounts_plotly/
*   Trying [2a01:4f9:c011:8a49::1]:443...
* Connected to valankar.ftp.sh (2a01:4f9:c011:8a49::1) port 443 (#0)
* ALPN: offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: /etc/ssl/certs
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256
* ALPN: server accepted h2
* Server certificate:
*  subject: CN=valankar.ftp.sh
*  start date: Apr 20 10:31:25 2024 GMT
*  expire date: Jul 19 10:31:24 2024 GMT
*  subjectAltName: host "valankar.ftp.sh" matched cert's "valankar.ftp.sh"
*  issuer: C=US; O=Let's Encrypt; CN=R3
*  SSL certificate verify ok.
* using HTTP/2
* h2h3 [:method: GET]
* h2h3 [:path: /accounts_plotly/]
* h2h3 [:scheme: https]
* h2h3 [:authority: valankar.ftp.sh]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 1 (easy handle 0x55b2107d0400)
> GET /accounts_plotly/ HTTP/2
> Host: valankar.ftp.sh
> user-agent: curl/7.88.1
> accept: */*                                                                                                                                                                                                                                                                              >
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* HTTP/2 stream 1 was not closed cleanly: PROTOCOL_ERROR (err 1)
* Connection #0 to host valankar.ftp.sh left intact
curl: (92) HTTP/2 stream 1 was not closed cleanly: PROTOCOL_ERROR (err 1)

And when I use the HTTP endpoint, it works:

valankar@debian ~/caddy> curl -v http://valankar.ftp.sh/accounts_plotly/
...
<div class="terminal">
    <h1><span>Starting </span> <span class="error_code">Accounts</span>...</h1>
    <p class="output"><span>Your instance(s) will stop after 1 minutes of inactivity</span>.</p>

    <div class="details">
        <p class="output small command"><span>sablier status <span class="error_code">accounts</span></span></code></p>
        <p class="output small success"><span>accounts</span> is not-ready <code>(0/1)</code></p>
    </div>

</div>
</body>

Context

  • Sablier version: 1.6.1
  • Provider: docer 26.1.0
  • Reverse proxy: caddy 2.7.6
  • Sablier running inside a container? yes

Expected behavior Working via HTTPS.

valankar avatar Apr 27 '24 13:04 valankar