1. Caddy version (caddy version):
v2.3.0 h1:fnrqJLa3G5vfxcxmOH/+kJOcunPLhSBnjgIvjXV/QTA=
2. How I run Caddy:
a. System environment:
Mac 11.1
b. Command:
caddy run -config caddy.json # See below for the config
c. Service/unit/compose file:
N/A
d. My complete Caddyfile or JSON config:
{
  "admin": {
    "disabled": true
  },
  "apps": {
    "http": {
      "servers": {
        "proxy": {
          "listen": [
            ":80",
            ":443"
          ],
          "routes": [
            {
              "handle": [
                {
                  "handler": "reverse_proxy",
                  "transport": {
                    "protocol": "http"
                  },
                  "upstreams": [
                    {
                      "dial": "192.168.64.36:30784"
                    }
                  ]
                }
              ],
              "match": [
                {
                  "host": [
                    "app1.test-domain"
                  ]
                }
              ]
            },
            {
              "handle": [
                {
                  "handler": "reverse_proxy",
                  "transport": {
                    "protocol": "http"
                  },
                  "upstreams": [
                    {
                      "dial": "192.168.64.36:31525"
                    }
                  ]
                }
              ],
              "match": [
                {
                  "host": [
                    "app2.test-domain"
                  ]
                }
              ]
            }
          ]
        }
      }
    }
  }
}
3. The problem I’m having:
I’m trying to use Caddy to proxy to two upstreams behind a local TLD test-domain. Here is my /etc/hosts:
127.0.0.1 app1.test-domain
127.0.0.1 app2.test-domain
Caddy proxied correctly for HTTP but reached out to ACME for a cert for a local domain:
2021/01/24 06:43:38.535 ERROR tls.obtain will retry {"error": "[app1.test-domain] Obtain: [app1.test-domain] creating new order: request to https://acme.zerossl.com/v2/DV90/newOrder failed after 1 attempts: HTTP 400 urn:ietf:params:acme:error:rejectedIdentifier - Invalid DNS identifier [api.meroxa] (ca=https://acme.zerossl.com/v2/DV90)", "attempt": 1, "retrying_in": 60, "elapsed": 2.298220396, "max_duration": 2592000}
Is it possible to configure Caddy to generate a self-signed cert for a local TLD?
4. Error messages and/or full log output:
See above.
5. What I already tried:
I couldn’t find a config that allows generating a self-signed cert for a local TLD.
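
Added example, not part of the original post and not taken from the Caddy project: a `tls` app block that would sit beside `http` under `apps` in the config above. It assumes the `issuers` field of TLS automation policies and the built-in `internal` issuer module as available in Caddy v2.3.0, so the two hostnames from the post get certificates from Caddy's local CA and are never submitted to a public ACME CA.

```json
{
  "apps": {
    "tls": {
      "automation": {
        "policies": [
          {
            "subjects": [
              "app1.test-domain",
              "app2.test-domain"
            ],
            "issuers": [
              {
                "module": "internal"
              }
            ]
          }
        ]
      }
    }
  }
}
```

Certificates from the internal issuer chain to a root that Caddy generates locally, so a client only validates the connection once that root is in its trust store.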