Separate On-Demand ask endpoints

jonkad · February 1, 2024, 9:35am

Hello,

is it possible to add different ask endpoints for each Server?

Like:


*.*.server1.com {
        tls {
                on_demand {
                        ask http://localhost:3040/api/ask-domain-a
                }
        }
...
}


*.*.server2.com {
        tls {
                on_demand {
                        ask http://localhost:2040/api/ask-domain-b
                }
        }
...
}

francislavoie · February 1, 2024, 11:02am

No, it’s not possible right now, because on_demand config is global.

In the next release, it’ll possible to use a plugin for ask so you could write your own logic instead to split it. caddytls: Make on-demand 'ask' permission modular by mholt · Pull Request #6055 · caddyserver/caddy · GitHub

That said, if you know the domains ahead of time, you should probably get a wildcard cert instead (using a DNS plugin to enable the ACME DNS challenge), and not use On-Demand TLS.

system · March 2, 2024, 11:03am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.