SSL on a sub domain, with a difference


I have a sub domain which contains a CNAME record to a web app.

I’d like to put Caddy in the middle if possible, so my sub domain can get an SSL cert, since the web app can’t provide me with SSL on my own domain.

Could Caddy handle the sub domain, giving it the SSL and still route traffic to the remote address, without redirecting?

Thank you for any guidance on this.

Hello Gordon, welcome to the Caddy forum! :slight_smile:

Should work using Proxy.
Your Caddyfile will look something like this: {
    proxy /

Read more on the Proxy directive here.

Though depending on the web app this might not work.

Hi Jacob,

Thanks for the welcome and for your quick reply on this.

I have been trying this out for a while, my caddyfile is as follows:
proxy / {
        proxy_header X-Forwarded-Proto {scheme}
log access.log

The guys that own the web app told me I should add “X-Forwarded-Proto” as “https” in the request headers, is the proxy_header the correct way to do this?

It seems to work, but once I log in to the web app, it redirects fully over to their URL, which I assume is an issue on their end?

Your proxy_header is the correct way to add the header.

It redirecting to their own URL is an issue on the webapp side. They will have to add support for using a custom domain.

Great, Thanks Jacob

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.