I noticed that Caddy has a self_signed option. Does certmagic support this or is it something that the full caddy server adds on top of certmagic?
CertMagic takes an Issuer type: certmagic package - github.com/caddyserver/certmagic - pkg.go.dev
An Issuer is any type that can take a CSR and return a certificate. The default issuer is of course ACME, but Caddy provides one called Internal that uses its own automatically managed CA. This is not a CertMagic feature, but is something that Caddy offers.
To clarify, the Internal issuer uses Caddy’s pki app: Modules - Caddy Documentation. This uses proper, short-lived intermediate/leaf certificates with a single, easy-to-trust long-lived root. But if you want to generate a very simple self-signed cert in Go without that, it’s quite easy: - The Go Programming Language
Great thanks. Yes I’ll just self-sign and use stdlib https then and use certmagic in production. Its nice that its all using net/http.
1 Like
This topic was automatically closed after 30 days. New replies are no longer allowed.