So it appears that RocketChat or Caddy do an IP validation using ipinfo.io. This is a bad plan for Intranets as the only address it will find is the outward facing ip of the corporate router or firewall, which is most certainly not the address associated with the corporate server. Hence the snap install of RocketChat/Caddy will never work on an isolated corporate network with https enabled. I do hope that at some point this will get fixed, but until that time the only option appears to be doing a manual install and using nginx (or something else) as an https proxy. Too bad there is not a switch to allow caddy to use only the local dns server for ip validation.