I use caddy for local development only. I currently have a requirement that cannot work without https enabled.

I gather I can use tls self_signed to generate an in-memory certificate.

The Caddyfile itself is simple:

:2002 {
  root ./
  tls self_signed
}

:2002/resources {
  root /path/to/sdk/resources/
  tls self_signed
}

The result is:

Activating privacy features… done.
WARNING: File descriptor limit 4864 is too low for production servers. At least 8192 is recommended. Fix with “ulimit -n 8192”.

Displaying https://localhost:2002 in chrome results in:

This site can’t provide a secure connection

localhost sent an invalid response.

I’m hardly an expert in this area. Can anyone tell me what the missing piece is here?

Hi @jorgt, what’s your caddy -version?

As of the latest release (0.11.5), trying to use tls self_signed without a hostname should return an error self-signed: certificate has no names. Caddy no longer serves a certificate at all if no certificate matches the hostname indicated via SNI.

You should be able to use localhost:2002 with tls self_signed for now, if you’re browsing to https://localhost:2002 in your browser.

There’s a PR in the works to have self-signed certificates automatically fetch all interfaces for SANs when the hostname is omitted. That should allow for :2002 to be used with the hostname omitted and still be accessible via localhost or any local IP address.

Hi Matthew,

Caddy version outputs Caddy 0.10.11. I’ll upgrade and see if that helps.

Yup, it now quits with self-signed: certificate has no names. Specifying the hostname has worked; I can now use the APIs I need to use.

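The behaviour described in the thread above (no certificate is served unless one matches the hostname sent via SNI), modelled with Go's crypto/tls as an added example; it is not code from the thread or from Caddy. The names selfSigned and handshake and the host example.test are illustrative, and the client skips chain verification because the certificate is self-signed and only name matching is being shown.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"math/big"
	"net"
	"time"
)

// selfSigned builds an in-memory self-signed certificate with the given DNS SANs.
func selfSigned(names ...string) (*tls.Certificate, error) {
	pub, key, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), DNSNames: names, NotAfter: time.Now().Add(time.Hour)}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, key)
	if err != nil {
		return nil, err
	}
	leaf, err := x509.ParseCertificate(der)
	return &tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key, Leaf: leaf}, err
}

// handshake: in-process model (not Caddy's code) of a server that serves cert only on an SNI match.
func handshake(cert *tls.Certificate, sni string) error {
	c, s := net.Pipe()
	defer c.Close()
	cfg := &tls.Config{SessionTicketsDisabled: true, // nothing is sent after the handshake
		GetCertificate: func(h *tls.ClientHelloInfo) (*tls.Certificate, error) {
			if err := cert.Leaf.VerifyHostname(h.ServerName); err != nil {
				return nil, err // no name matches the SNI: serve no certificate
			}
			return cert, nil
		}}
	go func() { tls.Server(s, cfg).Handshake(); s.Close() }()
	return tls.Client(c, &tls.Config{ServerName: sni, InsecureSkipVerify: true}).Handshake()
}

func main() {
	cert, err := selfSigned("localhost")
	if err != nil {
		panic(err)
	}
	fmt.Printf("localhost: %v\nexample.test: %v\n", handshake(cert, "localhost"), handshake(cert, "example.test"))
}
```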