Self-signed certs / Un-trusted CA’s

I’ve tried noTLSverify but to no avail. This is in an attempt to proxy Tp-link Omada controller running in a docker container.

Config is as so:

  - hostname: omada.mydomain.us
    service: https://192.168.1.2:8043
    originRequest:
      noTLSverify: true
      originServerName: localhost

Error is:

ERR error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: x509: certificate signed by unknown authority" cfRay=65d6d0e13ab20fd4-ATL ingressRule=17 originService=https://192.168.1.2:8043

As per the docs this should work. I’ve opened an issue on GitHub but crickets.

I don’t use the originServerName part, but I do use localhost in the service line instead of the IP address…though I believe localhost IP address worked for me just as well.

If I take out originServerName I get this

ERR  error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: x509: cannot validate certificate for 192.168.1.2 because it doesn't contain any IP SANs"

And if I do https://localhost:8043 I get this.


ERR  error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: x509: certificate signed by unknown authority"