Hello guys,
As the title says, I’m wondering how Caddy server is able to use Let’s Encrypt on non-existent domains. Let’s Encrypt needs to “ping” the domain before providing a certificate, right?
The document here: Automatic HTTPS — Caddy Documentation doesn’t provide the information I needed.
I’m really surprised by this project; it is very useful to me, even though I didn’t use it.
Hi!
It sounds like you want to use Caddy to serve intranet sites over HTTPS (e.g. my.company.local).
Unfortunately LetsEncrypt is a root CA and will only sign certificates for verifiable public DNS domains (e.g. .com, .net).
You can still use Caddy for an intranet site over HTTPS - your options are:
Distribute your own CA certificate, sign a cert for your intranet domain with it, and configure Caddy to use the signed cert with tls cert key
Use a temporary self-signed key in memory each time with tls self_signed
Check out the Caddy tls docs for more info, and you can read up on how LetsEncrypt works here.
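The first option in the reply above (your own CA, a cert signed by it, then tls cert key), as an added example that is not part of the original thread. The file names, CA subject and validity periods are assumptions; my.company.local is the example host from the reply.

```shell
#!/usr/bin/env bash
# Added example: private CA plus a leaf certificate for an intranet host.
# File names, CA subject and lifetimes are assumptions chosen for illustration.
set -eu

issue_intranet_cert() {   # $1 = output dir, $2 = intranet hostname
  local d=$1 host=$2
  cat > "$d/pki.cnf" <<EOF
[req]
distinguished_name = dn
prompt = no
x509_extensions = v3_ca
[dn]
CN = Example Intranet Root CA
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
[v3_leaf]
basicConstraints = CA:FALSE
keyUsage = critical,digitalSignature,keyEncipherment
extendedKeyUsage = serverAuth
subjectAltName = DNS:$host
EOF
  # 1. Self-signed root: ca.crt is what gets distributed to client trust stores.
  openssl req -x509 -new -newkey rsa:2048 -nodes -sha256 -days 3650 \
    -config "$d/pki.cnf" -keyout "$d/ca.key" -out "$d/ca.crt" 2>/dev/null
  # 2. Key and CSR for the site; ca.key stays on the signing host.
  openssl req -new -newkey rsa:2048 -nodes -config "$d/pki.cnf" \
    -subj "/CN=$host" -keyout "$d/site.key" -out "$d/site.csr" 2>/dev/null
  # 3. Sign the CSR; clients match the hostname against the SAN entry.
  openssl x509 -req -in "$d/site.csr" -CA "$d/ca.crt" -CAkey "$d/ca.key" \
    -CAcreateserial -sha256 -days 365 -extfile "$d/pki.cnf" \
    -extensions v3_leaf -out "$d/site.crt" 2>/dev/null
}

# True only if the chain builds to our CA and the cert covers the hostname.
client_accepts() {        # $1 = dir, $2 = hostname the client connects to
  openssl verify -CAfile "$1/ca.crt" -verify_hostname "$2" "$1/site.crt" \
    >/dev/null 2>&1
}

out=$(mktemp -d)
issue_intranet_cert "$out" my.company.local
client_accepts "$out" my.company.local && echo "accepted by clients holding ca.crt"
echo "Caddyfile line: tls $out/site.crt $out/site.key"
```

Clients that have not imported ca.crt will still reject the site, which is why distributing the CA certificate is part of the option.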
wendigo (Mateusz Gajewski ☁︎), December 5, 2016, 10:37am, #3
Letsencrypt requires ownership of a given entity (domain). You can’t prove that you are the owner of a .local domain, as anyone else can prove it.