How to use Caddy for certificates only, without binding to ports?

coolaj86 · March 3, 2024, 2:29am

1. The problem I’m having:

I want to disable http and https and only use caddy for certificate renewal using DNS challenges.

2. Error messages and/or full log output:

I’m just not clear on what the config should look like.

3. Caddy version:

N/A

4. How I installed and ran Caddy:

curl https/webi.sh/caddy | sh
source ~/.config/envman/PATH.env

caddy run --config ./Caddyfile

a. System environment:

N/A

b. Command:

N/A

c. Service/unit/compose file:

N/A

d. My complete Caddy config:

This is what I’m using right now (using it for 3CX, hence the RSA keys):

{
    auto_https disable_redirects
    # I think I don't need this since the redirect is disabled?
    http_port 61080
    https_port 61443
    default_bind 127.0.0.1
}

example.com {
    tls {
        dns lego_deprecated dnsimple
        key_type rsa4096
    }
}

5. Links to relevant resources:

N/A

francislavoie · March 3, 2024, 5:08am

There’s no way to do that with a Caddyfile. Use a JSON config for that.

You can adapt your config to JSON, and then just delete the whole http app. Only the tls app is needed.

system · April 2, 2024, 5:08am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.