NoTLSVerify does not help

Hello,
I am looking to serve 2 web apps over a cloudflared tunnel via Caddy as a reverse proxy. When applying service: http://localhost it routes traffic perfectly. The issue only happens with the following scenario:

  1. I generated an origin cert from the Cloudflare SSL tab
  2. Got the Cloudflare Origin Pull CA
  3. cloudflared config
  - hostname: test.example.com
    service: https://localhost
    originRequest:
        httpHostHeader: test.example.com
        originServerName: test.example.com
  - hostname: test2.example.com
    service: https://localhost
    originRequest:
        originServerName: test2.example.com
        httpHostHeader: test2.example.com
  - service: http_status:404

  4. Caddy config

https://test2.example.com {
  tls /etc/ssl/certs/cert.pem /etc/ssl/private/key.pem {
    client_auth {
      mode require_and_verify
      trusted_ca_cert_file /etc/ssl/certs/origin-pull-ca.pem
    }
  }
  respond "Hello, world!"
}

https://test.example.com {
  tls /etc/ssl/certs/cert.pem /etc/ssl/private/key.pem {
    client_auth {
      mode require_and_verify
      trusted_ca_cert_file /etc/ssl/certs/origin-pull-ca.pem
    }
  }
  respond "Hello, world2!"
}
  1. Requests are not routed to Caddy. Instead, I see this error: Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: remote error: tls: bad certificate
  2. I tried adding noTLSVerify: true to both ingress rules. Unfortunately, I am still getting the same issue.

Any idea how to proceed with HTTPS end to end?

Basically, replacing this

tls /etc/ssl/certs/cert.pem /etc/ssl/private/key.pem {
  client_auth {
    mode require_and_verify
    trusted_ca_cert_file /etc/ssl/certs/origin-pull-ca.pem
  }
}

with this

tls /etc/ssl/certs/cert.pem /etc/ssl/private/key.pem

Solved the issue :slight_smile: Here comes another question in its place: Authenticated Origin Pulls won't be effective anymore. To resolve it, maybe I should specify caPool in config.yaml :thinking:
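As an added illustration (not from the post, Caddy or cloudflared), here is a Go reproduction of the failure mode this thread describes: a TLS server configured like the Caddyfile's client_auth block rejects a connecting side that presents no client certificate, and turning off server-certificate verification on that side (the equivalent of noTLSVerify: true) changes nothing. It assumes one constructed self-signed certificate standing in for the Origin Pull CA, the origin cert and the client cert, and pins the server to TLS 1.2 so the alert text matches the one in the post.

```go
package main
import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"io"
	"math/big"
	"time"
)
// selfSigned builds one throwaway P-256 cert that, for brevity, serves at once as trusted pull CA, origin cert and client cert.
func selfSigned() (*x509.Certificate, tls.Certificate) {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "constructed-pull-ca"},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour), IsCA: true, BasicConstraintsValid: true,
		ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageClientAuth},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil { panic(err) }
	cert, _ := x509.ParseCertificate(der)
	return cert, tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key}
}
// Scenario mirrors the Caddyfile: the origin requires a client certificate issued by the pull CA (mode
// require_and_verify); the connecting side skips server-cert checks, which is all noTLSVerify does.
func Scenario(withClientCert bool) (string, error) {
	ca, id := selfSigned()
	srvCfg := &tls.Config{Certificates: []tls.Certificate{id}, ClientAuth: tls.RequireAndVerifyClientCert, ClientCAs: x509.NewCertPool(),
		MaxVersion: tls.VersionTLS12} // pinned so the alert text matches the post; under TLS 1.3 Go says "certificate required"
	srvCfg.ClientCAs.AddCert(ca) // the CA that trusted_ca_cert_file points at
	cliCfg := &tls.Config{InsecureSkipVerify: true} // noTLSVerify: true; it has no bearing on client auth
	if withClientCert { cliCfg.Certificates = []tls.Certificate{id} }
	ln, err := tls.Listen("tcp", "127.0.0.1:0", srvCfg)
	if err != nil { return "", err }
	defer ln.Close()
	go func() { // origin side: a rejected handshake sends the "bad certificate" alert, as Caddy (Go crypto/tls) does
		if c, err := ln.Accept(); err == nil {
			if c.(*tls.Conn).Handshake() == nil { io.WriteString(c, "Hello, world!") }
			c.Close()
		}
	}()
	conn, err := tls.Dial("tcp", ln.Addr().String(), cliCfg)
	if err != nil { return "", err } // this is where the tunnel side sees "remote error: tls: bad certificate"
	defer conn.Close()
	conn.SetDeadline(time.Now().Add(3 * time.Second))
	raw, err := io.ReadAll(conn)
	return string(raw), err
}
```

Scenario(false) fails with the post's "remote error: tls: bad certificate" while Scenario(true) returns the body, which is why dropping the client_auth block made the tunnel work at the cost of Authenticated Origin Pulls.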
