Is port forwarding necessary

Hi.

I apologise but the template just did not fit my query. To put it simply, is port forwarding required to get SSL certificates and use HTTPS with Caddy?

I understand that ordinarily port forwards are required to access the internal services from outside the network, however I wish to access my services via VPN or LAN-only traffic.

As such my use case is more about using FQDNs and removing HTTPS warnings than accessing from outside the network. My DNS provider directs my FQDN to my local IP, this works for accessing my service but obviously does not solve my HTTPS issue.

I did try to set this up on Caddy but got browser errors and figure this is down to a config error with Caddy.

Before I delve too deep into troubleshooting, is this even possible? Can I use Caddy without port forwards where a VPN or local network is in use and the FQDN is pointed at Caddy's local IP and access from the LAN?

Hi @macbrook98 - yes, you absolutely can do that!

Caddy typically relies on ACME to requisition its certificates.

ACME provides for a number of methods to solve a challenge to prove you are who you say you are and grant you a valid certificate: Challenge Types - Let's Encrypt

One of those methods is DNS validation, which you can do without ever allowing external access to your Caddy server. To use it, you’ll need a DNS provider with an API that Caddy can use to update public records and solve the challenge. Then you’ll need to download a copy of Caddy with that provider’s DNS module included. You’ll find instructions on how to do that in the below wiki post:

1 Like
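
A sketch of the DNS-validation setup described in the answer above, added here as an illustration and not taken from the thread or from the Caddy project. The thread names no DNS provider, so Cloudflare, the hostname, the backend address and the `CF_API_TOKEN` variable are all assumptions; substitute your own provider's module and credentials.

```caddyfile
# Constructed example. Hostname, backend address, provider and token
# variable are placeholders, not values from the thread.
#
# Requires a Caddy binary that includes the provider's DNS module,
# e.g. one built with:
#   xcaddy build --with github.com/caddy-dns/cloudflare

app.home.example.com {
	tls {
		# Solve the ACME DNS-01 challenge through the provider's API.
		# Caddy writes a TXT record in the public zone; the CA never
		# connects to this server, so no port forward is needed.
		# Keep the token in the environment and scope it to DNS edits
		# on this one zone only.
		dns cloudflare {env.CF_API_TOKEN}
	}

	# Assumption: LAN and VPN clients use private address space.
	# Drop any connection that arrives from elsewhere, so the site
	# stays internal even if a port is later opened by mistake.
	@outside not remote_ip private_ranges
	abort @outside

	# Internal service that Caddy fronts with the trusted certificate.
	reverse_proxy 192.168.1.20:8080
}
```

Issued certificates are recorded in public Certificate Transparency logs, so the hostname becomes publicly visible even though the service is not reachable from outside.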

Thank you for that quick response, now that I have a starting point I will give that a go.

Thank you 🙂
