We’d like to use the same certificate storage for caddyfile and other services, at this time caddy stores certs in: <caddy data dir>/certificates/<ca>/<domain>
Would it be possible to change just the <caddy data dir>/certificates directory to something else like /etc/certificates and to still store all the other caddy-related data in ?
That way we could simply use /etc/certificates for other services (exim/dovecot/pure-ftpd etc.) and have a single source of trust. We’d just use /etc/certificates/some_other_directory/ for commercial/EV certs and have all the system certs in a single place.
Not a huge issue if it’s not doable right now, as we can simply copy TLS certs from the caddy directory to /etc/certificates too, just requires some additional lookups (unless Caddy supports some post-certificate-renewal hooks, that could simply copy the file to a desired location).
(An Automation Policy is what defines how to manage certificates, based on its “subjects” parameter. Er, the docs currently show this parameter as “hosts” but when I update them in the next week or so it’ll say “subjects”.)
But, you can’t change how Caddy organizes its certificates within that path. The folder structure is necessary for proper automated management of the certificates.
Might also be possible with a Caddy plugin/module (Extending Caddy — Caddy Documentation). I’m not sure what hooks might exist into the cert management flow for plugins though. @matt could clarify if there’s any interest in that.
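
The copy approach mentioned in the first post, as an added example that is not part of the thread and not Caddy's own code: a shell function that mirrors `<caddy data dir>/certificates` into a shared directory, writes private keys with mode 600 through an atomic rename, and reports how many files changed. The `<domain>.crt` / `<domain>.key` file names inside each `<ca>/<domain>` folder and the destination path in the usage comment are assumptions.

```shell
#!/bin/sh
# Added example. Assumed layout under SRC (Caddy's certificates directory):
#   <ca>/<domain>/<domain>.crt and <ca>/<domain>/<domain>.key
# The same layout is reproduced under DST, so names never collide across CAs.

# install_file SRC DEST MODE: 0 = DEST written, 1 = already identical, 2 = error
install_file() {
    if [ -f "$2" ] && cmp -s "$1" "$2"; then
        chmod "$3" "$2"          # re-assert the mode even when content is current
        return 1
    fi
    tmp="$2.tmp.$$"
    # umask 077: the temporary copy of a private key is never group/world readable
    ( umask 077; cp "$1" "$tmp" ) && chmod "$3" "$tmp" && mv -f "$tmp" "$2" && return 0
    rm -f "$tmp"
    echo "failed to install $2" >&2
    return 2
}

# sync_caddy_certs SRC DST: prints the number of files written
sync_caddy_certs() {
    src_root=${1%/} dst_root=${2%/} changed=0
    [ -d "$src_root" ] || { echo "no such directory: $src_root" >&2; return 2; }
    for crt in "$src_root"/*/*/*.crt; do
        [ -f "$crt" ] || continue                 # glob matched nothing
        key="${crt%.crt}.key"
        [ -f "$key" ] || { echo "skipping $crt: key missing" >&2; continue; }
        rel=${crt#"$src_root"/}                   # <ca>/<domain>/<domain>.crt
        out_crt="$dst_root/$rel"
        mkdir -p "$(dirname "$out_crt")" || return 2
        # Key first, then certificate; rename keeps readers from seeing partial files.
        install_file "$key" "${out_crt%.crt}.key" 600 && changed=$((changed + 1))
        install_file "$crt" "$out_crt" 644 && changed=$((changed + 1))
    done
    echo "$changed"
}

# Stand-alone use: script.sh <caddy data dir>/certificates /etc/certificates/caddy
if [ "$#" -eq 2 ]; then
    sync_caddy_certs "$1" "$2"
fi
```

Run it periodically and reload exim/dovecot/pure-ftpd only when the printed count is non-zero; file ownership for services that do not read keys as root has to be set separately.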