I’ve been using the Caddy2 add-on for a year or two. It provides reverse-proxies with automatic certificate renewals. Until today it has been working flawlessly, but this morning I started getting “This site can’t be reached” errors for most of the URLs. I chased the AUTH oriented solutions and the DNS oriented solutions for hours without success. Then I chased OpenWRT possibilities, also without success. Eventually I tried Firefox instead of Chrome and the error changed to “Secure Connection Failed.” Firefox suggested that the certificates might be the problem, so I used the SSL Labs Server Test to investigate. Turns out that the certificates had been revoked. I don’t yet know why they were revoked or why Caddy2 didn’t figure it out. But, I did find the simple fix. Assuming you use the Samba Share add-on, open the ssl directory, caddy, certificates, and the acme-v02.api.letsencrypt.org-directory. Delete any folders that represent failing certificates. Finally, restart the Caddy2 add-on and check the log. You should see that caddy obtains new certificates.
Why the certificates were revoked (nothing to do with hass or caddy2):