
TLS handshake failure due to RST after client hello [closed]


I have a VM where a Caddy server is hosted with simple HTTPS settings. Caddyfile:

    <my domain name>:2083 {
        reverse_proxy /path 127.0.0.1:26364
    }

    :443 {
        root * /var/www/html
        file_server
    }

The domain name has been resolved to the VM IP successfully. When I access https://serverdomain through a browser, the page cannot be loaded. Wireshark shows the destination port sends back a RST immediately after the client sends ClientHello. [Wireshark screenshot]

The server side has the log "TLS handshake failure. Write:Connection reset by peer."

ClientHello content: [screenshot]

If I use a CDN like CloudFlare to proxy the domain, in which case the domain is mapped to a CloudFlare node IP and CloudFlare forwards the traffic to my VM, the TLS connections (from my desktop to CloudFlare, and from CloudFlare to the server) work fine.

CloudFlare should make no difference other than that the DNS record for the server domain is changed to the CloudFlare IP, because it just adds an intermediate node to the network. TLS works fine with CloudFlare, but it slows down my network dramatically.

PowerShell Invoke-WebRequest also returned "connection reset error".

Openssl result:

    openssl s_client -connect <server domain>:443
    Connecting to <server ip>
    CONNECTED(000001EC)
    write:errno=10054
    ---
    no peer certificate available
    ---
    No client certificate CA names sent
    Negotiated TLS1.3 group: <NULL>
    ---
    SSL handshake has read 0 bytes and written 1549 bytes
    Verification: OK
    ---
    New, (NONE), Cipher is (NONE)
    Protocol: TLSv1.3
    This TLS version forbids renegotiation.
    Compression: NONE
    Expansion: NONE
    No ALPN negotiated
    Early data was not sent
    Verify return code: 0 (ok)
    ---

What could be happening here? What else can I try to find a clue? I have been totally lost for days, so an answer would be very much appreciated.
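
An added example, not part of the original question and not Caddy's code: a small Python probe that reports the stage at which a TLS connection attempt stops, separating a TCP reset after ClientHello (the symptom in the openssl output above, 0 bytes read) from a TLS-layer error or a timeout. `classify_handshake` and `start_reset_peer` are hypothetical names, and the local peer is constructed so the symptom can be reproduced offline.

```python
import socket, ssl, struct, threading

def classify_handshake(host, port, server_name=None, timeout=5.0):
    """Report the stage at which a TLS connection attempt to host:port stops."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False          # transport diagnosis only:
    ctx.verify_mode = ssl.CERT_NONE     # certificate checks are out of scope
    try:
        raw = socket.create_connection((host, port), timeout=timeout)
    except OSError:
        return "tcp_connect_failed"     # TCP connection was never established
    try:
        # server_name, if given, is sent as the SNI value in the ClientHello
        with ctx.wrap_socket(raw, server_hostname=server_name) as tls:
            return "handshake_ok " + tls.version()
    except ssl.SSLError as exc:         # TLS-layer failure (alert, bad record, EOF)
        return "tls_error " + (exc.reason or "unknown")
    except ConnectionError:             # RST or broken pipe: no TLS reply at all
        return "reset_during_handshake"
    except socket.timeout:
        return "timeout_during_handshake"
    finally:
        raw.close()

def start_reset_peer():
    """Constructed local peer: reads the ClientHello, then aborts with RST."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]
    seen = []                           # bytes received before the reset

    def run():
        conn, _ = srv.accept()
        seen.append(conn.recv(4096))
        # SO_LINGER on with a zero timeout makes close() send RST, not FIN
        conn.setsockopt(socket.SOL_SOCKET, socket.SO_LINGER, struct.pack("ii", 1, 0))
        conn.close()
        srv.close()

    worker = threading.Thread(target=run, daemon=True)
    worker.start()
    return port, seen, worker

if __name__ == "__main__":
    port, seen, _ = start_reset_peer()
    print(classify_handshake("127.0.0.1", port), "after", len(seen[0]), "bytes sent")
```

Running the same probe from the desktop and from the VM itself (against 127.0.0.1) shows whether the reset comes from the server process or from something on the network path.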

