Error : caddyfile: server listening on [:80] is HTTP, but attempts to configure TLS connection policies #867
Description
I have this error when I want to use https:
Error: adapting config using caddyfile: server listening on [:80] is HTTP, but attempts to configure TLS connection policies
Here is my compose.yaml (it's basic):
services:
php:
image: ${IMAGES_PREFIX:-}${PHP_IMAGE:-app-php}
restart: unless-stopped
environment:
SERVER_NAME: ${SERVER_NAME:-localhost}, php:80
DEFAULT_URI: https://${SERVER_NAME:-localhost}:${HTTPS_PORT:-443}
MERCURE_PUBLISHER_JWT_KEY: ${MERCURE_JWT_SECRET:-!ChangeThisMercureHubJWTSecretKey!}
MERCURE_SUBSCRIBER_JWT_KEY: ${MERCURE_JWT_SECRET:-!ChangeThisMercureHubJWTSecretKey!}
TRUSTED_PROXIES: ${TRUSTED_PROXIES:-127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16}
TRUSTED_HOSTS: ^${SERVER_NAME:-example\.com|localhost}|php$$
DATABASE_URL: postgresql://${POSTGRES_USER:-app}:${POSTGRES_PASSWORD:-!ChangeMe!}@database:5432/${POSTGRES_DB:-app}?serverVersion=${POSTGRES_VERSION:-15}&charset=${POSTGRES_CHARSET:-utf8}
MERCURE_URL: ${MERCURE_URL:-http://php/.well-known/mercure}
MERCURE_PUBLIC_URL: ${MERCURE_PUBLIC_URL:-https://${SERVER_NAME:-localhost}:${HTTPS_PORT:-443}/.well-known/mercure}
MERCURE_JWT_SECRET: ${MERCURE_JWT_SECRET:-!ChangeThisMercureHubJWTSecretKey!}
volumes:
- caddy_data:/data
- caddy_config:/config
and compose.override.yaml:
# Development environment override
services:
php:
build:
context: .
target: frankenphp_dev
volumes:
- ./:/app
- ./docker/frankenphp/Caddyfile:/etc/caddy/Caddyfile:ro
- ./docker/frankenphp/conf.d/20-app.dev.ini:/usr/local/etc/php/app.conf.d/20-app.dev.ini:ro
# If you develop on Mac or Windows you can remove the vendor/ directory
# from the bind-mount for better performance by enabling the next line:
- /app/vendor
- ./docker/frankenphp/certs:/etc/caddy/certs:ro
environment:
CADDY_SERVER_EXTRA_DIRECTIVES: "tls /etc/caddy/certs/tls.pem /etc/caddy/certs/tls.key"
FRANKENPHP_WORKER_CONFIG: watch
MERCURE_EXTRA_DIRECTIVES: demo
# See https://xdebug.org/docs/all_settings#mode
XDEBUG_MODE: "${XDEBUG_MODE:-debug}"
APP_ENV: "${APP_ENV:-dev}"
extra_hosts:
# Ensure that host.docker.internal is correctly defined on Linux
- host.docker.internal:host-gateway
tty: true
CaddyFile is the one from the repository, I generated the certs:
mkcert -cert-file docker/frankenphp/certs/tls.pem -key-file docker/frankenphp/certs/tls.key "${SERVER_NAME}"
mkcert -install -cert-file docker/frankenphp/certs
SERVER_NAME is overrided by .env to "domain.tech"
With this config, I have the error. If I use in compose.yaml:
SERVER_NAME: ${SERVER_NAME:-localhost}
I can access https://domain.tech, and it works. But, if I curl : http://php/.well-known/mercure, I have:
HTTP/1.1 308 Permanent Redirect
Connection: close
Location: https://php/.well-known/mercure
Server: Caddy
Date: Thu, 20 Nov 2025 14:25:40 GMT
I understand it tries to redirect, with https, there is a problem with certificate.
What do I miss ?