Cloudflare + caddy in docker 502 tls: internal error

Hello,

I am trying to create a tunnel using cloudflared and caddy but I'm stuck and I didn't find any solution on this forum nor Google.

My setup is based on docker containers.

I have cloudflared and my caddy in the same network. My caddy container is named “caddy”.

In my Caddyfile,
I’ve set cloud.mydomain.com to redirect to my cloud service and it have a Let’s Encrypt certificate.
I was already using it as a reverse proxy for my local network and internet without a tunnel (but may need tweaks?).

On the Cloudflare dashboard,
I’ve created a tunnel and it’s healthy.

Next I’ve added a public hostname :

  • (sub)domain: cloud.mydomain.com
  • service: https://caddy:443 (name of my container)

I’ve tried :

  • No TLS Verify to off
  • HTTP Host Header to cloud.mydomain.com

The error I'm getting in the cloudflared logs is:

ERR error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: remote error: tls: internal error"

I see the cause of the exception is: tls: internal error but I have no clue.

Now i’m stuck and can’t find what to do next …

If any of you can help me, thank you.

Found the solution myself.

If you are tunneling into a reverse proxy like me, set the origin service of your tunnel to your caddy container name and, this is the important part I could not find earlier:

set the Origin Server Name to the matching caddy rule you want to reverse proxy (i.e., for me cloud.mydomain.com).

Hope it will help others…

2 Likes
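For anyone running cloudflared from a config file instead of the dashboard, the same fix is expressed with the originRequest settings of an ingress rule. The block below is an added example, not the original poster's configuration; the tunnel UUID, credentials path and the service name "caddy" are placeholders matching the post's setup. Origin Server Name in the dashboard corresponds to originServerName here: without it, cloudflared presents the host from the service URL ("caddy") as the TLS server name, Caddy has no certificate for that name and aborts the handshake, which the client side reports as "tls: internal error".

```yaml
# cloudflared config.yml (added example; values are placeholders)
tunnel: <TUNNEL-UUID>
credentials-file: /etc/cloudflared/<TUNNEL-UUID>.json

ingress:
  - hostname: cloud.mydomain.com
    # Origin service: the Caddy container by its Docker network name.
    service: https://caddy:443
    originRequest:
      # "Origin Server Name" in the dashboard. Sent as the TLS SNI so
      # Caddy picks the certificate for this site instead of failing
      # the handshake for the unknown name "caddy".
      originServerName: cloud.mydomain.com
      # "HTTP Host Header" in the dashboard, so the request matches the
      # same site block in the Caddyfile after the TLS handshake.
      httpHostHeader: cloud.mydomain.com
      # Keep verification on: the origin has a valid Let's Encrypt
      # certificate for cloud.mydomain.com, so disabling it only
      # removes a check. Set to true only for self-signed origins.
      noTLSVerify: false
  # Catch-all required by cloudflared; everything else gets a 404.
  - service: http_status:404
```

To confirm the diagnosis before changing anything, an `openssl s_client -connect caddy:443 -servername caddy` from a container on the same Docker network should fail the handshake, while the same command with `-servername cloud.mydomain.com` should complete it and show the Let's Encrypt chain.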

Thanks for updating!