I get a "Client sent an HTTP request to an HTTPS server" error on all pages

Hi, my vaultwarden instance is giving the “Client sent an HTTP request to an HTTPS server.” error every time i try to visit it’s web page. this is my first time setting it up with docker compose. im not too sure how i should fix this.
im using docker (version Docker version 20.10.23, build 7155243), Nginx Proxy Manager on debian 11.

the configurations for Caddy, my docker compose and NPM are below in that order


{$DOMAIN}:443 {
  log {
    level INFO
    output file {$LOG_FILE} {
      roll_size 10MB
      roll_keep 10

  # Use the ACME HTTP-01 challenge to get a cert for the configured domain.
  tls {$EMAIL}

  # This setting may have compatibility issues with some browsers
  # (e.g., attachment downloading on Firefox). Try disabling this
  # if you encounter issues.
  encode gzip

  # Notifications redirected to the WebSocket server
  reverse_proxy /notifications/hub vaultwarden:3012

  # Proxy everything else to Rocket
  reverse_proxy vaultwarden:3010 {
       # Send the true remote IP to Rocket, so that vaultwarden can put this in the
       # log, so that fail2ban can ban the correct IP.
       header_up X-Real-IP {remote_host}


version: '3'

    image: vaultwarden/server:latest
    container_name: vaultwarden
    restart: always
      WEBSOCKET_ENABLED: "true"  # Enable WebSocket notifications.
      - /srv/dev-disk-by-uuid-ddfe4bb1-b0f9-478c-9db0-08eed9daa916/POOL/SERVER_DATA/Bitwarden:/data

    image: caddy:2
    container_name: vaultwarden-caddy
    restart: always
      - 3010:80  # Needed for the ACME HTTP-01 challenge.
      - 3011:443
      - ./Caddyfile:/etc/caddy/Caddyfile:ro
      - ./caddy-config:/config
      - ./caddy-data:/data
      DOMAIN: "https://mysubdomain.mydomain.ml"  # Your domain.
      EMAIL: "******@protonmail.com"   # The email address to use for ACME registration.
      LOG_FILE: "/data/access.log"

Nginx Proxy Manager:

any pointers or fix suggestions would be greatly appreciated! thank you

Why are you using both Caddy and Nginx Proxy Manager? I would get rid of one reverse proxy and proxy pass to vaultwarden directly so it’s easier to reason about.

1 Like

fixed it by forwarding the 80 and 443 ports straight from the docker image without caddy. sorry, i mustve been really tired when doing it.

1 Like