Shortlived certificates (from Let's Encrypt)

This is not a help topic. Just sharing my new config…

Shortlived 6-day certificates have been generally available since Jan 15, 2026. Ref: 6-day and IP Address Certificates are Generally Available - Let's Encrypt. The benefits are mentioned in the aforementioned article. A new issue has been created on GitHub to consider using the ‘shortlived’ certificate profile by default for Let’s Encrypt. Until it becomes the default, we may use the following to get shortlived certificates (assuming the default Let’s Encrypt is used)…

example.com {
  tls {
    issuer acme {
      profile shortlived
    }
  }

  # other config
  root /path/to/site/root
}

The above code works for new domains. For domains with existing SSL certificates, you may wait until the existing certificates are renewed automatically, or you may remove the existing SSL certificates from Caddy’s data directory and then restart Caddy to (re)issue new certificates with shortlived duration.

To know more, please use the following links…

The issuer “acme” means the default issuer (Let’s Encrypt). Ref…

To know about “shortlived” profile (in Let’s Encrypt)…

I hope this saves someone some time going through all the info about shortlived certificates using Caddy.

5 Likes
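
One way to confirm that a certificate issued after the config change above really is short-lived, rather than a leftover longer-lived one (an added example, not part of the original post or of Caddy itself). It assumes `openssl` and GNU `date` are installed; the function names and the 168-hour (7-day) threshold are assumptions chosen for illustration, and `make_sample_cert` only builds a constructed self-signed certificate for trying the check offline.

```bash
# Added example: classify a PEM certificate by its total validity period.
# Requires openssl and GNU date. All names below are hypothetical.

# Print the validity period (notAfter - notBefore) in whole hours.
cert_lifetime_hours() {
  local pem=$1 start end
  start=$(openssl x509 -in "$pem" -noout -startdate) || return 1
  end=$(openssl x509 -in "$pem" -noout -enddate) || return 1
  # openssl prints e.g. "notBefore=Jan 15 12:00:00 2026 GMT"
  start=$(date -u -d "${start#notBefore=}" +%s) || return 1
  end=$(date -u -d "${end#notAfter=}" +%s) || return 1
  echo $(( (end - start) / 3600 ))
}

# Succeed only if the certificate's lifetime is within MAX_HOURS.
# 168 hours (7 days) is an assumed threshold for a "6-day" certificate.
is_shortlived() {
  local hours
  hours=$(cert_lifetime_hours "$1") || return 2
  [ "$hours" -le "${MAX_HOURS:-168}" ]
}

# Build a constructed self-signed sample certificate valid for <days>.
# usage: make_sample_cert <days> <out.pem>
make_sample_cert() {
  openssl req -x509 -newkey rsa:2048 -nodes -keyout "$2.key" \
    -subj "/CN=example.com" -days "$1" -out "$2" 2>/dev/null
  rm -f "$2.key"
}

# When called with PEM paths as arguments, report on each one.
for pem in "$@"; do
  if is_shortlived "$pem"; then
    echo "$pem: short-lived ($(cert_lifetime_hours "$pem") h)"
  else
    echo "$pem: NOT short-lived (or unreadable)"
  fi
done
```

Run it with the path of a certificate file from Caddy’s data directory as the argument; a certificate issued before the profile change will be reported as not short-lived until it is renewed or reissued.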

…and if you’re using the Caddy docker proxy (GitHub - lucaslorentz/caddy-docker-proxy: Caddy as a reverse proxy for Docker), equivalent labels would look like this:

labels:
  caddy: example.com
  caddy.tls.issuer: acme
  caddy.tls.issuer.profile: shortlived
2 Likes