Wildcard SSL hostnames

phrazer · September 18, 2020, 8:22am

Hi,

From wiki: Wildcards ( * ) may be used, but only to represent precisely one label of the hostname. For example, *.example.com matches foo.example.com but not foo.bar.example.com , and * matches localhost but not example.com . To catch all hosts, omit the host portion of the address.

Is it possible to match in Caddyfile foo-bar.example.com somehow? If we write *bar.example.com or *-bar.example.com it doesnt work. **Its not RFC, but problem with SSL and LetsEncrypt is that you **cannot** have foo.bar.example.com`, because wildcard certificates work only One Level.** Then lot of hosting providers use foo-bar instead of foo.bar.

Any idea if this can somehow work? In nginx you have simple regex for server_name like (server_name ~^(?[^.]+).example.com)

francislavoie · September 18, 2020, 5:01pm

You can use the header_regexp matcher inside of your site block.

*.example.com {
	@subHost header_regexp sub Host (.*)\-bar\.example\.com$
	handle @subHost {
		...
	}
}

You can then use the {re.sub.1} placeholder to get the value of the * if you need it.

system · December 17, 2020, 5:02pm

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.