Caddy

Caddy

TLS via private CA

To make caddy request certificates from an intern/private CA add this block on the global level:

/etc/caddy/Caddyfile
(local-tls) {
  tls me@trustworthy.com {
          ca https://cert.lan:444/acme/acme/directory
          ca_root /opt/step-ca/certs/root_ca.crt
  }
}

Then add an import statement to every site block you want it to be used in, e.g.:

/etc/caddy/Caddyfile
local.example.internal {
        import local-tls
        reverse_proxy http://localhost:6969
}