I would like to have the subdomains use the wildcard certificate to serve sub1.website.org and sub2.website.org. I am having trouble with doing that.
4. Error messages and/or full log output:
There are no error messages, but instead Caddy grabs certs for the wildcard as well as sub1 and sub2.
5. What I already tried:
I have tried moving the sub1 and sub2 block to inside the wildcard block to no avail. I am not sure if there is another directive I should be using for this.
6. Links to relevant resources:
This seems similar but I haven’t been able to successfully implement it.
Caddy makes some assumptions by default that don’t match what you’re trying to do. Caddy won’t assume that you want to use the wildcard cert for your other domains, because some people actually do want to use individual certificates.
The best option for you here I think is to use host matchers for your various subdomains in the wildcard site block:
If you used JSON config, you could specifically modify the TLS automation policy to only manage the wildcard certificate and to ignore the rest, and the connection policy would be configured to pick up the requests using the wildcard certificate. With the Caddyfile, there’s no way to configure that yet.
@matt do you think it’s worth adding a tls option to explicitly tell the adapter to skip the domain(s) from a site block from the automation policy? Maybe something like:
Thank you very much!
In the handle block can you essentially put anything that you would in a separate website block? Such as to specify the root directory and such.
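The host-matcher layout suggested in the answer above, as an added example that is not part of the original thread. It uses a single `*.website.org` site block, so only the wildcard certificate is managed. The DNS provider placeholder, the file path and the upstream address are assumptions.

```caddyfile
# Added example: <provider>, <credentials>, /srv/sub1 and 127.0.0.1:8080
# are constructed placeholders, not values from the thread.
*.website.org {
	# A wildcard certificate requires the ACME DNS challenge, which needs a
	# DNS provider plugin built into Caddy.
	tls {
		dns <provider> <credentials>
	}

	# sub1: static files. Directives that would go in a separate site
	# block, such as root, go inside the handle block instead.
	@sub1 host sub1.website.org
	handle @sub1 {
		root * /srv/sub1
		file_server
	}

	# sub2: proxied to a local backend.
	@sub2 host sub2.website.org
	handle @sub2 {
		reverse_proxy 127.0.0.1:8080
	}

	# handle blocks are mutually exclusive. This fallback catches every
	# other name under *.website.org and closes the connection, so
	# unconfigured hostnames serve nothing.
	handle {
		abort
	}
}
```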