1. The problem I’m having:
Need the TLS app to use a specific cipher for generating keys: ECDHE-RSA-AES256-GCM-SHA384 instead of what it did by default, which was ECDHE-ECDSA-AES256-GCM-SHA384. Using Caddy to manage certificates for an MQTT server, and the client can only handle specific ciphers (Tasmota).
Not sure if this is something I need to worry about, but according to multiple users on Tasmota forums, it matters.
2. Error messages and/or full log output:
General question at this point, not an error.
3. Caddy version:
v2.6.4 h1:2hwYqiRwk1tf3VruhMpLcYTg+11fCdr8S3jhNAdnPy8=
4. How I installed and ran Caddy:
Installed Caddy on Ubuntu 22.04 according to the official guide.
a. System environment:
Ubuntu 22.04
b. Command:
c. Service/unit/compose file:
d. My complete Caddy config:
```json
{
  "apps": {
    "http": {
      "servers": {
        "srv0": {
          "listen": [
            ":443"
          ],
          "routes": [
            {
              "handle": [
                {
                  "handler": "subroute",
                  "routes": [
                    {
                      "handle": [
                        {
                          "handler": "reverse_proxy",
                          "upstreams": [
                            {
                              "dial": "127.0.0.1:38096"
                            }
                          ]
                        }
                      ]
                    }
                  ]
                }
              ],
              "match": [
                {
                  "host": [
                    "subdomain.example.com"
                  ]
                }
              ],
              "terminal": true
            },
            {
              "handle": [
                {
                  "handler": "subroute",
                  "routes": [
                    {
                      "handle": [
                        {
                          "handler": "vars",
                          "root": "/usr/share/caddy"
                        },
                        {
                          "handler": "file_server",
                          "hide": [
                            "/etc/caddy/caddy.json"
                          ]
                        }
                      ]
                    }
                  ]
                }
              ],
              "match": [
                {
                  "host": [
                    "example.com"
                  ]
                }
              ],
              "terminal": true
            }
          ]
        }
      }
    },
    "tls": {
      "certificates": {
        "automate": [
          "mqtt.example.com"
        ]
      },
      "automation": {
        "policies": [
          {
            "issuers": [
              {
                "module": "acme",
                "email": "emailaddy@gmail.com"
              }
            ]
          }
        ]
      }
    }
  }
}
```
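
Added example, not part of the original post: in a TLS 1.2 suite name the ECDSA or RSA part follows the certificate's key type, so one way to get ECDHE-RSA-AES256-GCM-SHA384 negotiated is to have Caddy issue an RSA-keyed certificate through the automation policy's `key_type` field. This fragment shows only the `tls` app; the hostname and email come from the config above, while scoping the policy with `subjects` and choosing `rsa2048` are assumptions.

```json
{
  "apps": {
    "tls": {
      "certificates": {
        "automate": ["mqtt.example.com"]
      },
      "automation": {
        "policies": [
          {
            "subjects": ["mqtt.example.com"],
            "key_type": "rsa2048",
            "issuers": [
              {
                "module": "acme",
                "email": "emailaddy@gmail.com"
              }
            ]
          }
        ]
      }
    }
  }
}
```

`key_type` also accepts `rsa4096`, `p256`, `p384` and `ed25519`; when it is unset Caddy generates a P-256 ECDSA key, which is why the ECDHE-ECDSA suite was selected by default.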