Moving certificates and a proxy without SSL

1. My Caddy version (caddy -version):


2. How I run Caddy:

a. System environment:

Windows Server 2012 R2

b. Command:

c:\caddy\caddy.exe -conf c:\caddy\Caddyfile

c. Service/unit/compose file:

d. My complete Caddyfile:

proxy / {
tls {
root C:\caddy\www
errors C:\caddy\logs\error.log

3. The problem I’m having:


We use Caddy on a Windows server for SSL offloading.

  1. We want to move the Caddy installation to a different Windows server and I’m wondering if copying the certs folders to the new server won’t cause any issues.
    We have ~1200 certificates issued by Let’s Encrypt in the current folder.
    I’m not sure if the certificates are unique per server or not, and whether copying them to a new server won’t cause any renewal issues or problems with creating other certificates on the new server.

  2. Our current configuration is ‘catch all’.
    Is it possible to edit the Caddyfile in such a way that one additional domain will redirect AS IS to a different IP without any SSL generated for it?
    We want to keep it http and not https.

Thank you,

If you copy the entire .caddy folder, that will include the ACME account and all the TLS assets. Caddy on the new server will be functionally identical to the one on the old server in terms of renewals, notification emails, etc.

Yes - Caddy picks which site to use for a given request by selecting the longest matching address.

A catch-all like http:// etc. can be overridden by providing a longer, more specific site address, like
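
For the folder copy described in the first answer, a check that the copied .caddy tree is complete before the new server takes over renewals. This is an added example, not part of the thread or of Caddy itself. The directory layout in the comments, the `ca.example` CA directory and the sample domains are assumptions, and the file contents are constructed placeholders.

```python
import hashlib
import tempfile
from pathlib import Path

# Assumed Caddy v1 layout (not stated in the thread):
#   .caddy/acme/<ca-host>/users/<email>/...                      ACME account
#   .caddy/acme/<ca-host>/sites/<domain>/<domain>.{crt,key,json} per-site assets

def manifest(root):
    """Map each file's path relative to root to its SHA-256 digest."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob("*")) if p.is_file()}

def audit_copy(old_root, new_root):
    """Compare source and copied trees; flag gaps that would break renewals."""
    old, new = manifest(old_root), manifest(new_root)
    report = {
        "missing": sorted(set(old) - set(new)),
        "changed": sorted(f for f in old.keys() & new.keys() if old[f] != new[f]),
        "no_account": not any("/users/" in f for f in new),
        "incomplete_sites": [],
    }
    for site in sorted(Path(new_root).glob("acme/*/sites/*")):
        if not site.is_dir():
            continue
        have = {p.suffix for p in site.iterdir() if p.is_file()}
        # A site needs its certificate, private key and metadata to be renewable.
        if not {".crt", ".key", ".json"} <= have:
            report["incomplete_sites"].append(site.name)
    return report

def build_sample(root, domains):
    """Constructed sample tree holding placeholder bytes, not real keys."""
    base = Path(root) / "acme" / "ca.example"
    account = base / "users" / "admin@example.com"
    account.mkdir(parents=True)
    (account / "admin.key").write_bytes(b"placeholder-account-key")
    for d in domains:
        (base / "sites" / d).mkdir(parents=True)
        for ext in ("crt", "key", "json"):
            (base / "sites" / d / f"{d}.{ext}").write_bytes(f"{d}-{ext}".encode())
    return Path(root)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        old = build_sample(Path(tmp) / "old", ["a.example.com", "b.example.com"])
        new = build_sample(Path(tmp) / "new", ["a.example.com", "b.example.com"])
        # Simulate an interrupted copy: one private key never arrived.
        (new / "acme/ca.example/sites/b.example.com/b.example.com.key").unlink()
        print(audit_copy(old, new))
```

On a real migration, point `audit_copy` at the old and new .caddy folders (for example over a mounted share) and start Caddy on the new server only once every list in the report is empty.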