1. Caddy version (v2.4.6
):
2. How I run Caddy:
a. System environment:
Debian 11 Bullseye,
aarm64,
docker version: 20.10.5+dfsg1,
docker image: caddy/latest,
docker image id: 2e48a5247e10
b. Command:
docker-compose up -d
c. Service/unit/compose file:
version: '2'
services:
caddy:
container_name: caddy
image: 'caddy:latest'
volumes:
- '/mnt/data/docker/caddy/Caddyfile:/etc/caddy/Caddyfile'
- '/mnt/data/docker/caddy/srv:/srv'
- '/mnt/data/docker/caddy/data:/data'
- '/mnt/data/docker/caddy/config:/config'
hostname: caddy.xe
restart: always
dns:
- pihole
- 192.168.178.1
networks:
system_mac_vlan:
ipv4_address: 192.168.178.194
internal:
networks:
internal:
driver: bridge
system_mac_vlan:
external: true
d. My complete Caddyfile or JSON config:
fritz.xe {
reverse_proxy 192.168.178.1:80
tls internal
}
heimdall.xe {
reverse_proxy heimdall:80
tls internal
}
kuma.xe {
reverse_proxy kuma:3001
tls internal
}
portainer.xe {
reverse_proxy 192.168.178.192:9000
tls internal
}
mkdocs.xe {
reverse_proxy mkdocs:8000
tls internal
}
pihole.xe {
redir / /admin/
reverse_proxy pihole:80
tls internal
## basicauth {
## bob JDJhJDE0JFZENFhLbFRNTnNDVGxmR242WjVHbU9MRFoubkZHekROZy93eEdwOUVTUXFWT1Q4TGd6VXpx
##}
}
pyload.xe {
reverse_proxy pyload:8000
tls internal
}
test.xe {
reverse_proxy 192.168.178.159:80
tls internal
}
3. The problem Iâm having:
The Internal TLS Certificate that Caddy issues is only valid for 12 hours, and gets renewed after.
This prompts the Browser to issue a SEC_ERROR_UNKNOWN_ISSUER
error whenever entering a site (after 12 hours) served by caddy. Forcing you to accept the new âunsecureâ certificate.
4. Error messages and/or full log output:
5. What I already tried:
In order to extend the validity duration of the Certificate from 12 hours to a longer timespan,
I found this in the documentation, of wich the lifetime
parameter seems to be what I am searching for.
However, I canât understand how to implement this in to my Caddyfile, especially since there is mention of a json file?
If someone could please show me an real world example of how to use the TLS module in my Caddyfile, or where to find/how to use the json configuration, I would be very thankful.