github-starred/frp
2
0
Fork 0
mirror of https://github.com/fatedier/frp.git synced 2026-05-15 08:05:49 -06:00
Code Issues 40 Projects Packages Wiki Activity Actions 1

[GH-ISSUE #5015] Can't serve 404 page if https #3946

New issue
Closed
opened 2026-05-05 14:30:48 -06:00 by gitea-mirror · 4 comments
gitea-mirror commented 2026-05-05 14:30:48 -06:00
Owner
Copy link

Originally created by @gregoiregentil on GitHub (Oct 9, 2025).
Original GitHub issue: https://github.com/fatedier/frp/issues/5015

Bug Description

First, thank you for this amazing project. It's very stable.

In 0.63, it's not possible to serve a 404 error page for https due to the lack of option to stipulate the certificate.

vhostHTTPPort = 80
vhostHTTPSPort = 443
custom404Page = "404.html"
#certFile = "/path/fullchain.pem"
#keyFile = "/path/privkey.pem"

Am I missing something or could it be "fixed"/added?

frpc Version

0.63.0

frps Version

0.63.0

System Architecture

Linux/amd64

Configurations

vhostHTTPPort = 80
vhostHTTPSPort = 443
custom404Page = "404.html"
#certFile = "/path/fullchain.pem"
#keyFile = "/path/privkey.pem"

Logs

http://example.com WORKING
2025-10-09 16:02:35.809 [W] [httputil/reverseproxy.go:486] do http proxy request [host: example.com] error: no route found: example.com /

https://example.com NOT WORKING
2025-10-09 16:02:34.464 [D] [vhost/vhost.go:218] http request for host [example.com] path [] httpUser [] not found

Steps to reproduce

No response

Affected area

  • Docs
  • Installation
  • Performance and Scalability
  • Security
  • User Experience
  • Test and Release
  • Developer Infrastructure
  • Client Plugin
  • Server Plugin
  • Extensions
  • Others
Originally created by @gregoiregentil on GitHub (Oct 9, 2025). Original GitHub issue: https://github.com/fatedier/frp/issues/5015 ### Bug Description First, thank you for this amazing project. It's very stable. In 0.63, it's not possible to serve a 404 error page for https due to the lack of option to stipulate the certificate. vhostHTTPPort = 80 vhostHTTPSPort = 443 custom404Page = "404.html" #certFile = "/path/fullchain.pem" #keyFile = "/path/privkey.pem" Am I missing something or could it be "fixed"/added? ### frpc Version 0.63.0 ### frps Version 0.63.0 ### System Architecture Linux/amd64 ### Configurations vhostHTTPPort = 80 vhostHTTPSPort = 443 custom404Page = "404.html" #certFile = "/path/fullchain.pem" #keyFile = "/path/privkey.pem" ### Logs http://example.com WORKING 2025-10-09 16:02:35.809 [W] [httputil/reverseproxy.go:486] do http proxy request [host: example.com] error: no route found: example.com / https://example.com NOT WORKING 2025-10-09 16:02:34.464 [D] [vhost/vhost.go:218] http request for host [example.com] path [] httpUser [] not found ### Steps to reproduce _No response_ ### Affected area - [ ] Docs - [ ] Installation - [ ] Performance and Scalability - [x] Security - [x] User Experience - [ ] Test and Release - [ ] Developer Infrastructure - [ ] Client Plugin - [x] Server Plugin - [ ] Extensions - [ ] Others
gitea-mirror commented 2026-05-05 14:30:52 -06:00
Author
Owner
Copy link

@fatedier commented on GitHub (Oct 11, 2025):

This is the current expected behavior. The custom404Page setting is applied after the request has been routed. For HTTPS, the server must first complete the TLS handshake and present a certificate before it can send any content. Today, frps does not expose a server-wide “default certificate” for the vhost HTTPS listener, so when a request doesn’t match any configured HTTPS proxy, there’s no cert to use and your custom 404 page can’t be returned. (You can see custom404Page, vhostHTTPPort, and vhostHTTPSPort in the server config reference, but there’s no global HTTPS certificate option there.)

<!-- gh-comment-id:3392807705 --> @fatedier commented on GitHub (Oct 11, 2025): This is the current expected behavior. The custom404Page setting is applied after the request has been routed. For HTTPS, the server must first complete the TLS handshake and present a certificate before it can send any content. Today, frps does not expose a server-wide “default certificate” for the vhost HTTPS listener, so when a request doesn’t match any configured HTTPS proxy, there’s no cert to use and your custom 404 page can’t be returned. (You can see custom404Page, vhostHTTPPort, and vhostHTTPSPort in the server config reference, but there’s no global HTTPS certificate option there.)
gitea-mirror commented 2026-05-05 14:30:53 -06:00
Author
Owner
Copy link

@gregoiregentil commented on GitHub (Oct 11, 2025):

Thank you for the project and thank you for the answer.

I follow you. " Today, frps does not expose a server-wide “default certificate” for the vhost HTTPS listener". We agree and that's why I put "#certFile...". So my "issue" should be re-qualified as a "feature suggestion".

<!-- gh-comment-id:3392961069 --> @gregoiregentil commented on GitHub (Oct 11, 2025): Thank you for the project and thank you for the answer. I follow you. " Today, frps does not expose a server-wide “default certificate” for the vhost HTTPS listener". We agree and that's why I put "#certFile...". So my "issue" should be re-qualified as a "feature suggestion".
gitea-mirror commented 2026-05-05 14:30:53 -06:00
Author
Owner
Copy link

@fatedier commented on GitHub (Oct 11, 2025):

Given how frp currently handles HTTPS, this isn’t possible. There are no plans to support it in the short term.

<!-- gh-comment-id:3392967284 --> @fatedier commented on GitHub (Oct 11, 2025): Given how frp currently handles HTTPS, this isn’t possible. There are no plans to support it in the short term.
gitea-mirror commented 2026-05-05 14:30:54 -06:00
Author
Owner
Copy link

@gregoiregentil commented on GitHub (Oct 11, 2025):

Got you.

<!-- gh-comment-id:3393029515 --> @gregoiregentil commented on GitHub (Oct 11, 2025): Got you.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
dev
new
master
copilot/review-pull-request-5198
v0.68.1
v0.68.0
v0.67.0
v0.66.0
v0.65.0
v0.64.0
v0.63.0
v0.62.1
v0.62.0
v0.61.2
v0.61.1
v0.61.0
v0.60.0
v0.59.0
v0.58.1
v0.58.0
v0.57.0
v0.56.0
v0.55.1
v0.55.0
v0.54.0
v0.53.2
v0.53.1
v0.53.0
v0.52.3
v0.52.2
v0.52.1
v0.52.0
v0.51.3
v0.51.2
v0.51.1
v0.51.0
v0.50.0
v0.49.0
v0.48.0
v0.47.0
v0.46.1
v0.46.0
v0.45.0
v0.44.0
v0.43.0
v0.42.0
v0.41.0
v0.40.0
v0.39.1
v0.39.0
v0.38.0
v0.37.1
v0.37.0
v0.36.2
v0.36.1
v0.36.0
v0.35.1
v0.35.0
v0.34.3
v0.34.2
v0.34.1
v0.34.0
v0.33.0
v0.32.1
v0.32.0
v0.31.2
v0.31.1
v0.31.0
v0.30.0
v0.29.1
v0.29.0
v0.28.2
v0.28.1
v0.28.0
v0.27.1
v0.27.0
v0.26.0
v0.25.3
v0.25.2
v0.25.1
v0.25.0
v0.24.1
v0.24.0
v0.23.3
v0.23.2
v0.23.1
v0.23.0
v0.22.0
v0.21.0
v0.20.0
v0.19.1
v0.19.0
v0.18.0
v0.17.0
v0.16.1
v0.16.0
v0.15.1
v0.15.0
v0.14.1
v0.14.0
v0.13.0
v0.12.0
v0.11.0
v0.10.0
v0.9.3
v0.9.2
v0.9.1
v0.9.0
v0.8.1
v0.8.0
v0.7.0
v0.6.0
v0.5.0
v0.3.0
v0.2.0
v0.1.0
Labels
Clear labels   
In Progress

   
WIP

   
WaitingForInfo

   
bug

   
doc

   
duplicate

   
easy

   
enhancement

   
future

   
help wanted

   
invalid

   
lifecycle/stale

   
need-issue-template

   
need-usage-help

   
no plan

   
proposal

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
todo
No labels
In Progress
WIP
WaitingForInfo
bug
doc
duplicate
easy
enhancement
future
help wanted
invalid
lifecycle/stale
need-issue-template
need-usage-help
no plan
proposal
pull-request
question
todo
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/frp#3946
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?