Caddy trust in docker for local certificates

Is Caddy capable of installing root certificates to macOS when run from a Docker container and configured to issue a local certificate and use a domain name that links to 127.0.0.1 (e.g. https://test.127.0.0.1.nip.io/)?

If not, can I still do it manually? I couldn’t figure it out from the caddy trust wiki.

Can you refer me to documentation or a topic here that explains how to do so, please?

I realize it might have something to do with this:

You may also use the caddy binary with this command to install certificates on other machines in your network, if the admin API is made accessible to other machines – be careful if doing this, to not expose the admin API to untrusted clients.

No, because things running inside Docker containers are totally isolated from the host machine.

Yes. Set up a volume for the /data directory; you’ll find the root CA cert at /data/caddy/pki/authorities/local/root.crt

You can copy that out and install it to your system or browser’s trust store.

Yeah so that involves actually running a Caddy binary on the host machine and pointing it to the admin API of your Caddy instance running inside Docker.

That means you need to allow the admin endpoint of Caddy to be accessible from outside the container, via publishing a port, and configuring your Caddyfile with admin :2019 to accept connections on all interfaces (by default, only from localhost, which would reject connections from outside of the container itself).

Then you can run the caddy trust on your host machine and it’ll automate installation.

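The manual route from the answer above, with a check for the admin-port caveat, as an added example that is not part of the original thread or of Caddy's own tooling. Assumptions: the container name is passed as the first argument, the certificate is fetched with `docker cp` rather than read from the volume directly, and the helper names `is_single_pem_cert` and `admin_port_loopback_only` are hypothetical.

```shell
#!/bin/sh
# Added example: trust Caddy's local root CA on a macOS host when Caddy runs in Docker.
# Assumptions (not from the thread): container name is $1; `docker cp` is used to
# fetch the certificate; helper names are hypothetical.
CA_PATH=/data/caddy/pki/authorities/local/root.crt   # path given in the answer

# Return 0 only if the file holds exactly one PEM certificate and no private key,
# so a wrong path or a key file never reaches the trust store step.
is_single_pem_cert() {
    [ -s "$1" ] || return 1
    if grep -q 'PRIVATE KEY' "$1"; then return 1; fi
    [ "$(grep -c '^-----BEGIN CERTIFICATE-----' "$1")" -eq 1 ] &&
        [ "$(grep -c '^-----END CERTIFICATE-----' "$1")" -eq 1 ]
}

# Read `docker port <container>` output on stdin. Return 0 only if the admin
# port (2019/tcp) is unpublished or published on loopback addresses only.
admin_port_loopback_only() {
    awk '$1 == "2019/tcp" && $3 !~ /^(127\.0\.0\.1|\[::1\]):/ { bad = 1 }
         END { exit bad + 0 }'
}

main() {
    container=$1
    out=$(mktemp -d)/caddy-local-root.crt
    # Caveat from the thread: the admin API must not be reachable by untrusted clients.
    docker port "$container" | admin_port_loopback_only ||
        echo "warning: admin port 2019 is published on a non-loopback address" >&2
    # Copy the root certificate (never the key) out of the container.
    docker cp "$container:$CA_PATH" "$out"
    is_single_pem_cert "$out" || { echo "unexpected contents in $out" >&2; return 1; }
    # Show what is about to be trusted so it can be reviewed before installing.
    openssl x509 -in "$out" -noout -subject -fingerprint -sha256
    # Install into the macOS system keychain; prompts for an administrator password.
    sudo security add-trusted-cert -d -r trustRoot \
        -k /Library/Keychains/System.keychain "$out"
}

# Runs only when a container name is given, e.g.: sh trust-caddy-root.sh caddy
if [ "$#" -ge 1 ]; then main "$1"; fi
```

If the `caddy trust` route is used instead, publishing the admin port as `127.0.0.1:2019:2019` keeps it reachable from the host only, which is the binding the port check accepts.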