I would like to move some of my domains to be only accessible through our corporate VPN network.
Though, I still want to receive public certificates for these domains. So for example “private.company.com” should be only accessible when connected to VPN, but it should have a public certificate and no need to install any CA.
Is this somehow easily accessible with Caddy? Can someone point me, how I can do this in the most efficient way?
Yeah. Any way of disrupting the route. So like in a home network, if you plug your computer directly into your WAN, your computer will be directly exposed to the Internet. But if you put a router in front, it also acts as a firewall, because it does NAT: your router creates a new internal network that all your devices become part of, instead of part of the Internet. So your computer gets an internal-only IP. Typically you have to enable the port forwarding or some sort of routing from the outside then.