1. The problem I’m having:
We’re using Redis as a TLS storage and we need to re-issue some certificates from customers. The TLS certificates are generated on-demand. I’ve deleted the certificates from Redis (all keys from a given domain), but Caddy is still serving the TLS certificate.
I assume it’s cached in memory?
Is there a way to clear Caddy’s cache without a restart?
I’ve tried: caddy reload -c /etc/caddy/Caddyfile --force
It outputs: INFO using provided configuration {"config_file": "/etc/caddy/Caddyfile", "config_adapter": ""} but it doesn’t re-issue the certificate.
2. Error messages and/or full log output:
n/a
3. Caddy version:
caddy:2.7.6-builder docker container.
4. How I installed and ran Caddy:
a. System environment:
Docker containers.
b. Command:
docker-compose up
c. Service/unit/compose file:
services:
  caddy:
    build:
      dockerfile: ./caddy/caddy.Dockerfile
    container_name: caddy
    environment:
      - REDIS_HOST=redis
      - REDIS_PORT=6379
      - REDIS_USERNAME=default
      - REDIS_PASSWORD=redis
      - HTTP_CHALLENGE_SERVER=http-challenge
    volumes:
      - ./caddy/Caddyfile:/etc/caddy/Caddyfile
d. My complete Caddy config:
{
	cert_issuer zerossl {$ZEROSSL_API_KEY}
	on_demand_tls {
		ask http://{$HTTP_CHALLENGE_SERVER}/ask
	}
	storage redis {
		host {$REDIS_HOST}
		port {$REDIS_PORT}
		username {$REDIS_USERNAME}
		password {$REDIS_PASSWORD}
	}
	servers {
		metrics
	}
}
https://* {
	tls internal {
		on_demand
	}
	@www header_regexp nonwww Host ^(www\.)(.*)
	@no-www host www.{args.0}
	handle @www {
		redir https://{re.nonwww.2}{uri}
	}
	@non-www not header_regexp Host ^(www\.)(.*)
	handle @non-www {
		redir https://www.{host}{uri}
	}
	respond 404
}