
Caddy - Setting HTTPS on local domain

I would like to add HTTPS to my local domain; however, we can't do this on localhost.

My website works fine when I run it with this Caddyfile

localhost:2020 {
  bind {$ADDRESS}
  proxy / http://192.168.100.82:9000 {
    transparent
  }
}

But I would like to name this website or at least enable HTTPS on it. According to Caddy, you can't do this on localhost, but what if I have a domain name?

I have tried using my own local address with this Caddyfile

192.168.100.26 {
  bind {$ADDRESS}
  proxy / http://192.168.100.82:9000 {
    transparent
  }
}

All works fine but I still don't have HTTPS...

And when I try to add a random domain name, for example

www.mycaddytest.com {
  bind {$ADDRESS}
  proxy / http://192.168.100.82:9000 {
    transparent
  }
}

I got the following error

Activating privacy features...2016/08/18 11:53:26 [www.mycaddytest.com] failed to get certificate: acme: Error 400 - urn:acme:error:connection - DNS problem: NXDOMAIN looking up A for www.mycaddytest.com
Error Detail:
Validation for www.mycaddytest.com:80
Resolved to:

Used: 

I know this error is due to a nonexistent domain name, but is there a way to deal with it?

Just getting HTTPS on localhost or an IP address will be enough.

Alexi Coard asked Aug 18 '16 09:08


3 Answers

For Caddy version 2.4.5, the accepted answer did not work for me. What worked is shown below:

localhost:443 {
        reverse_proxy 127.0.0.1:8080
        tls internal
}

bahruz answered Oct 17 '22 14:10


Since Caddy 0.9 we can use the tls self_signed attribute.

Use this Caddyfile

localhost:2020 {
  bind {$ADDRESS}
  proxy / 192.168.100.82:9000
  tls self_signed
}

And try https://localhost:2020

Alexi Coard answered Oct 17 '22 12:10


I know that an answer is already accepted, but I had the same problem with Caddy v0.10.14, and this is the solution that helped me (but with a real SSL certificate instead of self_signed):

  1. First, the certificate and key pair must be in these directories: /etc/pki/tls/certs/ for the certificate and /etc/pki/tls/private/ for the key. So go to one of these directories with the cd command.

  2. Then create our own self-signed certificate for HTTP2.0 testing with a single command. Just execute this on your command line to generate an SSL certificate + key pair:

openssl req -new -newkey rsa:2048 -sha256 -days 365 -nodes -x509 -keyout cert.key -out cert.crt

  3. After that, move the files to the correct directories (see the first point)
  4. Next, use this Caddyfile and try https://localhost:2020:

    localhost:2020 {
      bind {$ADDRESS}
      root /var/www
      gzip
      tls [email protected]
      tls /etc/pki/tls/certs/cert.crt /etc/pki/tls/private/cert.key
    }
    
nvipash answered Oct 17 '22 14:10
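
An added example, not part of the answers above or of Caddy's own documentation: the openssl command in the last answer prompts for the subject interactively and produces a certificate without a subjectAltName, which current browsers and TLS clients require for name matching. The sketch below generates the same cert.crt / cert.key pair non-interactively with SANs for localhost and the LAN IP from the question, keeps the key private, and checks the result. The function names are hypothetical, and OpenSSL 1.1.1 or newer is assumed (for -addext).

```shell
#!/bin/sh
# Added example: self-signed certificate for local testing whose
# subjectAltName covers "localhost" and a LAN IP address.
# Assumes OpenSSL 1.1.1+ (-addext). Function names are hypothetical.
# Usage: make_local_cert ./tls 192.168.100.26

# make_local_cert OUT_DIR LAN_IP
# Writes OUT_DIR/cert.crt and OUT_DIR/cert.key (file names as in the answer).
make_local_cert() {
    out_dir=$1
    lan_ip=$2
    mkdir -p "$out_dir" || return 1
    # umask 077 so the private key is never readable by other users.
    (
        umask 077
        openssl req -new -newkey rsa:2048 -sha256 -days 365 -nodes -x509 \
            -subj "/CN=localhost" \
            -addext "subjectAltName=DNS:localhost,IP:127.0.0.1,IP:${lan_ip}" \
            -keyout "$out_dir/cert.key" -out "$out_dir/cert.crt" 2>/dev/null
    ) || return 1
    # The certificate is public; only the key stays at mode 600.
    chmod 644 "$out_dir/cert.crt"
}

# cert_covers CERT NAME
# Succeeds if NAME (e.g. "DNS:localhost" or "IP Address:192.168.100.26")
# appears in the certificate's Subject Alternative Name extension.
cert_covers() {
    openssl x509 -in "$1" -noout -text \
        | grep -A1 "Subject Alternative Name" \
        | grep -qF "$2"
}

# cert_matches_key CERT KEY
# Succeeds if the certificate's public key belongs to the private key.
cert_matches_key() {
    a=$(openssl x509 -in "$1" -noout -pubkey | openssl sha256)
    b=$(openssl pkey -in "$2" -pubout | openssl sha256)
    [ "$a" = "$b" ]
}
```

The resulting files can be moved to the directories named in the answer and referenced from the Caddyfile's tls line; clients will still warn until the certificate is added to their trust store.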