Idea: openssl plugin

I’d like to have a plugin so that I can choose which version of OpenSSL Caddy should use.

Caddy doesn’t use OpenSSL so this is unlikely.

2 Likes

Yep, you’re in luck, Caddy has no external dependencies! \o/

2 Likes

@zewy as others have stated Caddy doesn’t use OpenSSL, it’s one of the reasons I started using it as I was constantly running into openssl issues. It’s just my opinion but the Go TLS libraries are more solid, and more quickly updated.

With being able to compile a single binary file, it also makes system administration easier. I don’t have to try to backport openssl fixes to older systems, like RHEL 6.x boxes. I can just download/compile Caddy with the latest Go and have all the SSL fixes incorporated (if there are any!). I don’t have to patch openssl, compile Apache/Nginx, etc. etc. etc.

Caddy has made my life easier. :)

4 Likes

Wow, nice @jim. Is there a manual for how I do that? I use CentOS 7 and this damn OpenSSL 1.0.1e is cursed…

Do you have an easy guide for how to compile Go and Caddy with an OpenSSL of your own choice?

It’s not possible to use a custom OpenSSL because Caddy doesn’t use OpenSSL at all. It uses the crypto/tls package (pkg.go.dev) instead.

Just downloading the Caddy binary precompiled from the website will come with this library baked in. If you download the Caddy source and compile it yourself (see the go command, cmd/go, on pkg.go.dev), you’ll get the latest version. Those are, I understand, your only two options.

1 Like

@zewy. Just download here.

Select HTTP server type, and any additional plugins you like, but you can just use the basics. A lot of default plugins are included. CentOS 7 uses systemd, there is a startup script and instructions here:
https://github.com/mholt/caddy/tree/master/dist/init/linux-systemd

It is still version 9.5 and QUIC doesn’t work for me with that one.

for I get this error

panic: interface conversion: io.ReadCloser is struct { io.Reader; io.Closer }, not *h2quic.requestBody

goroutine 286 [running]:
panic(0xa4a1e0, 0xc42038db40)
        /usr/local/go/src/runtime/panic.go:500 +0x1a1
github.com/lucas-clemente/quic-go/h2quic.(*Server).handleRequest.func1(0xc4201b8ca0, 0xc4203a0780, 0xc420376b40, 0x0, 0xde5c40, 0xc4202cb6c0)
        /home/caddy/go/src/github.com/lucas-clemente/quic-go/h2quic/server.go:193 +0x17c
created by github.com/lucas-clemente/quic-go/h2quic.(*Server).handleRequest
        /home/caddy/go/src/github.com/lucas-clemente/quic-go/h2quic/server.go:202 +0x628

So I did the install like this on Centos 7.

cd /usr/local/
wget https://storage.googleapis.com/golang/go1.8.linux-amd64.tar.gz
tar -xzf go1.8.linux-amd64.tar.gz
rm go1.8.linux-amd64.tar.gz

printf 'export PATH=$PATH:/usr/local/go/bin' > /etc/profile.d/go.sh

cd /home/user/caddy

go get -u -v github.com/mholt/caddy/caddy

nano /root/go/bin/Caddyfile
---
www.example.com {
tls ssl/www.example.com-bundle.crt ssl/www.example.com.key
proxy / 127.0.0.1:8080
}
---

/root/go/bin/caddy -quic

I use an Nginx behind Caddy just for modpagespeed; otherwise I would just use Caddy.

Oh, this has been fixed already on master; it will come out in the next release.

1 Like