Local certs and HTTP

caddy 2.6.2

{
    debug
    local_certs
    skip_install_trust
    auto_https disable_redirects
}

# main domains
*.website.com, website.com, caddy:80 {
	tls /certs/localhost.crt /certs/localhost.key

	respond "hello"
}

Hi,

Is it possible to use self signed certificates on a site that accepts both HTTP and HTTPS ?

Config above gives me error:
Error: adapting config using caddyfile: server listening on [:80] is HTTP, but attempts to configure TLS connection policies

I do understand why its happening, but not sure how to circumvent it. What options do I have?
I would like to use my own certs since they are already installed in few places.

Thank you

The error is saying that your site is ambiguous.

You should split it up into two separate sites for this. One with TLS config, and the other without.

Also, it doesn’t make sense to use both local_certs and an explicit certificate. That seems like a mistake.

Hi,

I really would like to avoid splitting my sites into HTTP and HTTPS, because I will have duplicated handlers. The reason I need HTTP at all, is few Docker containers communicating internally without SSL.

Seems like I can comment out tls directive and have Caddy issue cert when needed.
Thought there might be a way to have local certs served only when request comes via caddy:80.

Thanks

Use snippets to share common bits of config:

That’s a logic error – no cert is used if the traffic is HTTP.

Cool, I will have a look at the snippets.

Just to confirm, would you say below is a valid config?
It seems to be working as expected. I just need to download cert and install it where needed.

Thank you

{
    local_certs
    skip_install_trust
    auto_https disable_redirects
}

# main domains
*.website.com, website.com, caddy:80 {
	respond "hello"
}

Yeah it’s fine, because you don’t have any explicit tls config in there that would make the site ambiguous.

1 Like