Automatic HTTPS with Caddy2

Wed Aug 25 2021 • server caddy2 ssl tls https

Nginx is a popular web server that can act as reverse proxy, load balancer etc. And to serve the content over HTTPS, the nginx config needs to be updated with SSL configuration. Certbot is a great tool for generating Free SSL certificate from Let's encrypt to enable HTTPS.

What about a server that automatically provisions a SSL certificate and enables HTTPS out of the box. If your requirement is similar to this, then I would recommend to give Caddy2 a try. Caddy 2 is a powerful, enterprise-ready, open source web server with automatic HTTPS written in Go. It is also free to use in commercial projects.

Here is an example of a domain configured with reverse_proxy.

{
    admin off
    email you@example.com
}

example.com {
    reverse_proxy http://localhost:3000
    encode gzip
}

Pretty simple, isn't it? And your domain is served with https. Now you don't have to use certbot or setup cronjob to periodically check for expiry date to renew the certificate.

Note:

make sure to point the A record for the domain to the correct IP.

Adding virtual hosts

Adding server blocks is pretty straightforward.

example.com {
    reverse_proxy http://localhost:3000
}

api.example.com {
    reverse_proxy http://localhost:4000
}

This will provision a certificate to api.example.com and you can access the endpoint with https protocol.