Hopefully you all can help!
I’ve been to hundreds of threads over the last few days trying to puzzle this out, with no luck.
The problem:
- Caddy v2 with acme HTTP-1 ACME challenge (Changed from TLS-ALPN challenge)
- Cloudflare DNS with proxy ON
- All Cloudflare HTTPS is off
- This is a .co domain
Any attempt to get certificates fails with an invalid challenge response. If I try and navigate (or curl) to the challenge directly I always get SSL validation errors as if all the requests are trying to upgrade to HTTPS.
I’m kind of at my wit’s end here and am running out of things to try.
If I turn Cloudflare proxy off and go back to TLS-ALPN challenge, everything works as expected. However, I do not wish to expose myself directly and want to use the proxy.
What should I be doing?
I run the setup you’re aiming for, and as the other guy said, DNS challenge is the way to go. That’s what I do, and it works beautifully. It even works with Caddy auto-https, you just need to build Caddy with the cloudflare-dns plugin.
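
A Caddyfile for the DNS-challenge setup recommended in the reply above, added here as an example and not taken from either poster's configuration. The hostname `example.co`, the upstream `localhost:8080` and the variable name `CF_API_TOKEN` are assumptions.

```caddyfile
# Added example, not from the thread.
# Caddy must be built with the Cloudflare DNS provider module, e.g.:
#   xcaddy build --with github.com/caddy-dns/cloudflare
#
# CF_API_TOKEN (assumed name) holds a Cloudflare API token scoped to this
# zone only, with Zone:Read and DNS:Edit permissions. Keep it in the
# service environment, not in this file.

example.co {
	tls {
		# DNS-01: Caddy proves control of the domain by publishing a TXT
		# record through the Cloudflare API, so the ACME server never has
		# to reach this host over port 80 or 443 through the proxy.
		dns cloudflare {env.CF_API_TOKEN}
	}

	# Assumed backend; replace with the site's real handler.
	reverse_proxy localhost:8080
}
```

Because validation happens through DNS, the Cloudflare proxy can stay on and the origin does not need to be reachable by the certificate authority.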