Where is the DNS-01 wildcard cert stored?


(Maciej świć) #1

Hi, I switched to DNS-01 and wildcard certs recently but the .caddy folder only has my old domain-specific certs in it. Where is the wildcard cert? I want to share it with OpenVPN.


(Matt Holt) #2

It should be in the acme subfolder:

$CADDYPATH/acme/acme-v02.api.letsencrypt.org/sites/...

If $CADDYPATH is not set, the default is $HOME/.caddy.


(Maciej świć) #3

It's not there. What is it supposed to be called?

% sudo updatedb
% locate acme-v02.api.letsencrypt.org
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/users
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/alfred.redacted.com
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/e-openhab.redacted.com
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/e-pihole.redacted.com
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/e-radarr.redacted.com
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/e-router.redacted.com
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/e-sonarr.redacted.com
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/e-tracer.redacted.com
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/ohl.redacted.com
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/openhab.redacted.com
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/pihole.redacted.com
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/radarr.redacted.com
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/repetier.redacted.com
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/router.redacted.com
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/sonarr.redacted.com
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/tracer.redacted.com
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/alfred.redacted.com/alfred.redacted.com.crt
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/alfred.redacted.com/alfred.redacted.com.json
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/alfred.redacted.com/alfred.redacted.com.key
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/e-openhab.redacted.com/e-openhab.redacted.com.crt
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/e-openhab.redacted.com/e-openhab.redacted.com.json
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/e-openhab.redacted.com/e-openhab.redacted.com.key
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/e-pihole.redacted.com/e-pihole.redacted.com.crt
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/e-pihole.redacted.com/e-pihole.redacted.com.json
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/e-pihole.redacted.com/e-pihole.redacted.com.key
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/e-radarr.redacted.com/e-radarr.redacted.com.crt
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/e-radarr.redacted.com/e-radarr.redacted.com.json
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/e-radarr.redacted.com/e-radarr.redacted.com.key
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/e-router.redacted.com/e-router.redacted.com.crt
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/e-router.redacted.com/e-router.redacted.com.json
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/e-router.redacted.com/e-router.redacted.com.key
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/e-sonarr.redacted.com/e-sonarr.redacted.com.crt
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/e-sonarr.redacted.com/e-sonarr.redacted.com.json
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/e-sonarr.redacted.com/e-sonarr.redacted.com.key
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/e-tracer.redacted.com/e-tracer.redacted.com.crt
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/e-tracer.redacted.com/e-tracer.redacted.com.json
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/e-tracer.redacted.com/e-tracer.redacted.com.key
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/ohl.redacted.com/ohl.redacted.com.crt
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/ohl.redacted.com/ohl.redacted.com.json
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/ohl.redacted.com/ohl.redacted.com.key
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/openhab.redacted.com/openhab.redacted.com.crt
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/openhab.redacted.com/openhab.redacted.com.json
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/openhab.redacted.com/openhab.redacted.com.key
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/pihole.redacted.com/pihole.redacted.com.crt
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/pihole.redacted.com/pihole.redacted.com.json
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/pihole.redacted.com/pihole.redacted.com.key
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/radarr.redacted.com/radarr.redacted.com.crt
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/radarr.redacted.com/radarr.redacted.com.json
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/radarr.redacted.com/radarr.redacted.com.key
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/repetier.redacted.com/repetier.redacted.com.crt.lock
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/router.redacted.com/router.redacted.com.crt
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/router.redacted.com/router.redacted.com.json
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/router.redacted.com/router.redacted.com.key
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/sonarr.redacted.com/sonarr.redacted.com.crt
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/sonarr.redacted.com/sonarr.redacted.com.json
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/sonarr.redacted.com/sonarr.redacted.com.key
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/tracer.redacted.com/tracer.redacted.com.crt
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/tracer.redacted.com/tracer.redacted.com.json
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/sites/tracer.redacted.com/tracer.redacted.com.key
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/users/default
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/users/maciej@redacted.com
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/users/default/default.json
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/users/default/default.key
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/users/maciej@redacted.com/maciej.json
/mnt/user/appdata/caddy/conf/.caddy/acme/acme-v02.api.letsencrypt.org/users/maciej@redacted.com/maciej.key

(Matt Holt) #4

Hmm. It’s impossible to know what it is called without seeing your Caddyfile.

Are you sure the environment variables are set the way you think?
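
A check for the layout described in post #2, added here as an example (not code from the thread or from the Caddy project): it resolves the storage root by the $CADDYPATH / $HOME/.caddy rule and reads each stored certificate's SAN list with openssl, so the result does not depend on what the folder is called. The function names are hypothetical, and the scan covers every CA directory under acme/, not only acme-v02.api.letsencrypt.org.

```shell
#!/bin/sh
# Added example: locate stored certificates that carry a wildcard SAN.
# Assumes the openssl CLI is installed; function names are hypothetical.

# caddy_root: storage root per post #2 ($CADDYPATH if set, else $HOME/.caddy).
caddy_root() {
    printf '%s\n' "${CADDYPATH:-$HOME/.caddy}"
}

# cert_sans FILE: print the DNS names from a PEM certificate's SAN extension,
# one per line. Prints nothing if the file is not a certificate or has no SAN.
cert_sans() {
    openssl x509 -in "$1" -noout -text 2>/dev/null |
        grep -A1 'Subject Alternative Name' | tail -n 1 |
        tr ',' '\n' | sed -n 's/^ *DNS://p'
}

# find_wildcard_certs [ROOT]: walk ROOT/acme/<ca>/sites/ and print
# "certificate path<TAB>wildcard name" for every .crt with a "*." SAN.
# Returns 2 if ROOT has no acme directory (wrong root or wrong environment).
find_wildcard_certs() {
    root=${1:-$(caddy_root)}
    [ -d "$root/acme" ] || { echo "no acme directory under $root" >&2; return 2; }
    find "$root/acme" -path '*/sites/*' -name '*.crt' -type f |
    while IFS= read -r crt; do
        cert_sans "$crt" | while IFS= read -r name; do
            case $name in
                '*.'*) printf '%s\t%s\n' "$crt" "$name" ;;
            esac
        done
    done
}

# Usage, with the root shown in the locate output above:
#   find_wildcard_certs /mnt/user/appdata/caddy/conf/.caddy
# Run it as the same user, and in the same container, as the Caddy process,
# so that $CADDYPATH and $HOME resolve the way Caddy sees them.
```

An empty result with exit status 0 means the directory was found but none of the certificates in it has a wildcard name.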