Wildcard with external SSL certificate?

Hello,

I would like to use our SSL certificate (Wildcard COMODO).

Right now, with the auto-generated Let’s Encrypt certificate, I use it like this:

*.site.com {
  proxy / localhost:8000 {
    transparent
    except /media /static
  }
  rewrite /static {
    r (.*)
    to /static_cdn/{1}
  }
  tls mymail@gmail.com
  tls {
    max_certs 3
  }
  root /opt/src
  gzip
}

So if I set it like this, will it work with all subdomains?

*.site.com {
  proxy / localhost:8000 {
    transparent
    except /media /static
  }
  rewrite /static {
    r (.*)
    to /static_cdn/{1}
  }
  tls /etc/ssl/site_com.crt-bundle /etc/ssl/site_com.key
  root /opt/src
  gzip
}

I ask because my subdomains are dynamic: they are taken from the usernames of the application.
Thanks in advance for any help that you are able to provide.

As soon as you provide keys, the site is no longer eligible for Automatic HTTPS:

Caddy automatically enables HTTPS for all your sites, given that some reasonable criteria are met:

  • […]
  • Certificates and keys are not provided by you

That means your site will be served (over HTTPS) on port 2015 (the default when Automatic HTTPS isn’t enabled). You’ll need to specify both the HTTP and the HTTPS endpoints for your site instead, e.g.:

https://*.example.com {
  ...
  tls /path/to/example.com.cert /path/to/example.com.key
}
http://*.example.com {
  ...
}

So if I don’t want users to use HTTP, I need to redir, right?

https://*.example.com {
  ...
  tls /path/to/example.com.cert /path/to/example.com.key
}
http://*.example.com {
  redir https://{host}{uri}
}

Thank you.

Yep! That should take care of it nicely.


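On the original question of whether one wildcard certificate covers every username-derived subdomain: the following is an added example, not code from this thread or from Caddy, that applies the standard TLS wildcard matching rule (`*` stands for exactly one leftmost label) to hostnames built from usernames. The SAN list, the base domain `site.com` as a default, the usernames and the function names are constructed for illustration; in practice the SAN list would be read from the certificate itself.

```python
import re

# One DNS label: letters, digits, hyphens; 1-63 chars; no leading/trailing hyphen.
_LABEL = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)")


def cert_covers(hostname, san_names):
    """True if hostname matches a SAN dNSName; '*' matches exactly one leftmost label."""
    host_labels = hostname.lower().rstrip(".").split(".")
    if not all(_LABEL.fullmatch(label) for label in host_labels):
        return False
    for san in san_names:
        san_labels = san.lower().rstrip(".").split(".")
        if len(san_labels) != len(host_labels):
            continue  # a wildcard never spans zero labels or several labels
        if san_labels[0] == "*":
            if san_labels[1:] == host_labels[1:]:
                return True
        elif san_labels == host_labels:
            return True
    return False


def username_host(username, base="site.com"):
    """Map a username to its subdomain, or None if it cannot be a single DNS label."""
    label = username.lower()
    if not _LABEL.fullmatch(label):
        return None
    return f"{label}.{base}"


def audit(usernames, san_names, base="site.com"):
    """Report, per username, whether its subdomain is covered by the certificate."""
    report = {}
    for name in usernames:
        host = username_host(name, base)
        report[name] = host is not None and cert_covers(host, san_names)
    return report


# Constructed sample data: SANs of a wildcard-only certificate and some usernames.
SAMPLE_SANS = ["*.site.com"]
SAMPLE_USERS = ["alice", "Bob-42", "john.doe", "mary_k", "-eve"]

if __name__ == "__main__":
    for user, ok in audit(SAMPLE_USERS, SAMPLE_SANS).items():
        print(f"{user:10} {'covered' if ok else 'NOT covered'}")
```

Usernames containing dots or underscores, and the bare domain itself, fall outside `*.site.com`, so they need to be rejected at signup or served under a different name that the certificate lists.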