After configuring the TLS-certificate in the coder config I can no longer reach the web ui
After configuring the TLS-certificate in the coder config I can no longer reach the web ui. I am getting HTTP ERROR 400.
Coder-setup:
- I am running coder v0.14.1 as a system process via the install script
- To reach coder I am using nginx as a proxy server. It should only proxy requests from https://coder.domain.com/ to http://127.0.0.1:3000/ (to reach the coder ui). It also redirects http://coder.domain.com/ to https://coder.domain.com/. The wildcard certificate is also installed here with nginx.
- My wildcard domain in coder is *.domain.com
Steps to reproduce:
- I generated a wildcard certificate using certbot with the command
certbot certonly --manual -d *.domain.com -d domain.com --agree-tos --manual-public-ip-logging-ok --preferred-challenges dns-01 --server https://acme-v02.api.letsencrypt.org/directory --register-unsafely-without-email --rsa-key-size 4096
- I put the certificate in the directory /etc/coder.d and gave file permission to the coder user
- In the coder.env file I enabled the TLS certificate:
- I restart the coder service using systemctl restart coder
- The process starts with no errors (service coder status):
Error:
When I try to reach coder.domain.com I get the error HTTP 400:
I wanted to start coder manually to keep streaming logs but I can't do so as root user. Also I can't log in as the coder user. Should I maybe create a new user and try running coder server?
With CODER_TLS_ENABLE=FALSE everything is working again.
@Tom Thomson - working again, as in you can access your coder with TLS?
No, this disables tls and when I access my workspaces I don't have ssl certificates.
Ah. Ok. Unfortunately, I'm not using TLS at the Coder level, so can't help much.
Thanks anyway
Also, for my personal setup I use a wildcard certificate *.coder.domain.com
If possible, why don't you try with caddy? Coder has some documentation on setting that up.
With caddy it works
Marked the thread as resolved.