Don't use auto HTTPS for servers with only HTTP port listeners

modules/caddyhttp/caddyhttp.go

@@ -188,6 +188,11 @@ func (app *App) automaticHTTPS() error {
 			continue
 		}
 
+		// skip if all listeners use the HTTP port
+		if !srv.listenersUseAnyPortOtherThan(app.HTTPPort) {
+			continue
+		}
+
 		// find all qualifying domain names, de-duplicated
 		domainSet := make(map[string]struct{})
 		for _, route := range srv.Routes {

modules/caddyhttp/server.go

@@ -4,6 +4,7 @@ import (
 	"context"
 	"fmt"
 	"log"
+	"net"
 	"net/http"
 	"strconv"
 
@@ -98,6 +99,21 @@ func (s *Server) executeCompositeRoute(w http.ResponseWriter, r *http.Request, s
 	return err
 }
 
+func (s *Server) listenersUseAnyPortOtherThan(otherPort int) bool {
+	for _, lnAddr := range s.Listen {
+		_, addrs, err := parseListenAddr(lnAddr)
+		if err == nil {
+			for _, a := range addrs {
+				_, port, err := net.SplitHostPort(a)
+				if err == nil && port != strconv.Itoa(otherPort) {
+					return true
+				}
+			}
+		}
+	}
+	return false
+}
+
 type httpErrorConfig struct {
 	Routes RouteList `json:"routes,omitempty"`
 	// TODO: some way to configure the logging of errors, probably? standardize