Automatic HTTPS for all domains, different backend for a single domain name?


(Paul Smith) #1

Hello,

I would like to know if I can do something, as I haven’t been able to get it to work yet.

I would like a Let’s Encrypt SSL cert for photo.domain.com, which has a backend of 123.123.123.124
I would like Automatic HTTPS certs for all other domains, basically *, which have a backend of 123.123.123.125

I tried with a config like this; however, it didn’t work, as it said invalid directive https://. If I comment out the first lines for photo.domain.com, starting the config with https://, everything works nicely.

photo.domain.com
proxy / 10.X.X.63:80 {
    transparent
}
tls {
    protocols tls1.1 tls1.2
    max_certs 10
}

https://
proxy / 10.X.X.69:80 {
    transparent
}
tls {
    protocols tls1.1 tls1.2
    max_certs 12000
}

root /caddy
log /var/log/caddy/access.log
errors /var/log/caddy/error.log

(Matthew Fay) #2

Hi @Paul_Smith,

Check out this part of the Caddyfile documentation:

A Caddyfile with only one entry may consist simply of the label line(s) followed by the definition on the next line(s), as shown above. However, a Caddyfile with more than one entry must enclose each definition in curly braces { }. The opening curly brace { must be at the end of the label line, and the closing curly brace } must be the only token on its line:

https://caddyserver.com/docs/caddyfile#structure

(I’d suggest clicking through to the docs themselves, as they have a helpful illustration of the structure.)

You’re trying to use the single-site format with multiple site definitions (photo.domain.com, and https://), which won’t work (the second site is assumed to be a directive by Caddy). Fix up the structure and Caddy will correctly read it as a second site definition.
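
The structure described in the reply above, applied to the config from the question (an added example, not part of either post). The backend addresses are kept redacted as posted, and placing the trailing root, log and errors directives in the catch-all site is an assumption, since the original layout does not say which site they belong to.

```caddyfile
# Two site definitions, so each one is enclosed in curly braces:
# the opening brace ends the label line, the closing brace is alone on its line.
photo.domain.com {
    proxy / 10.X.X.63:80 {
        transparent
    }
    tls {
        # protocols <min> <max>: this still permits TLS 1.1, which RFC 8996
        # deprecates; raise the minimum to tls1.2 if all clients support it.
        protocols tls1.1 tls1.2
        max_certs 10
    }
}

# Catch-all HTTPS site for every other hostname.
https:// {
    proxy / 10.X.X.69:80 {
        transparent
    }
    tls {
        protocols tls1.1 tls1.2
        # max_certs bounds how many certificates are issued on demand. On a
        # catch-all site, any hostname pointed at this server draws from that
        # budget, so keep the limit as low as the deployment allows.
        max_certs 12000
    }

    # Assumption: these three directives were meant for the catch-all site.
    root /caddy
    log /var/log/caddy/access.log
    errors /var/log/caddy/error.log
}
```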