xmpp.14servers.net:80 {
	# Set this path to your site's directory.
	#root * /opt

	# Enable the static file server.
	file_server

	# Another common task is to set up a reverse proxy:
	reverse_proxy * localhost:5380

	# Add compression
	#encode zstd gzip
}
3. The problem I’m having:
I’m trying to use Caddy to…
obtain https certs for my ejabberd XMPP server’s web console port 5443 and all subdomains of:
*.14servers.net
Question 1:
Is the proper way to tell caddy to use http rather than https for a specific domain/subdomain to declare port 80 after the domain/subdomain as I did above?
Question 2:
Can Caddy automatically obtain wildcard certs usable by other servers, e.g. ejabberd XMPP server, on other subdomains?
4. Error messages and/or full log output:
5. What I already tried:
I’ve been working the problem from the eJabberd-side for a few days after being assured eJabberd did its certs automatically like Caddy.
However I’ve since learned the Debian 11.2 (Bullseye) package of eJabberd enables TLS (Https) for all webports and the http port required for ejabberd to use ACME to obtain certs must be added/configured manually.
Before duplicating much of what Caddy does with an eJabberd work-around, I’d like to learn if Caddy can obtain certs for ALL servers with specified domains and subdomains as well as reverse-proxying specified ports.
Yeah, just specify http:// scheme on the site address, or use the HTTP port, and that domain won’t qualify for Automatic HTTPS:
Yes, but you need to configure Caddy with the appropriate DNS plugin for your DNS provider, and configure a site block with *.14servers.net.
Note that when you use the Caddyfile, there’s no way to tell Caddy to manage a certificate for a domain but not enable an HTTPS server for it. If you need fine-grained control over that, you can use JSON config directly.
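
The two answers above combined into one Caddyfile, as an added example that is not part of the original thread. It assumes a Caddy build that includes the caddy-dns/cloudflare module and an API token in a `CF_API_TOKEN` environment variable; both are stand-ins for whichever DNS provider actually hosts 14servers.net.

```caddyfile
# Question 1: the http:// scheme (or an explicit :80) keeps this site
# out of Automatic HTTPS, so Caddy serves it over plain HTTP only.
http://xmpp.14servers.net {
	reverse_proxy localhost:5380
}

# Question 2: a wildcard certificate can only be issued through the
# ACME DNS challenge, so the site block needs a DNS provider module.
*.14servers.net {
	tls {
		# Assumption: Cloudflare is the DNS provider. The token is read
		# from the environment so it never sits in the config file.
		dns cloudflare {env.CF_API_TOKEN}
	}

	# With the Caddyfile, managing the certificate also means serving
	# HTTPS for these names, so the block needs some handler.
	respond "Nothing here" 404
}
```

The DNS API token can create and delete records in the zone, so scope it to DNS edits on this one zone and keep the file that sets the environment variable readable only by the Caddy service account.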