caddy-docker-proxy icon indicating copy to clipboard operation
caddy-docker-proxy copied to clipboard
verified publisher icon lucaslorentz

Disable certificate generation for a specific domain

Open sowinski opened this issue 9 months ago • 3 comments

Hi,

I have the following labels in my docker compose:

labels:
  caddy: "caddy.example.com, www.example.com, www.example.se, www.example.pl, www.example.it"
  caddy.log:
  caddy.reverse_proxy: "{{upstreams 8000}}"

I have infront of www.example.it a CDN placed. The CDN is creating the certificate for me. Caddy can not create a certifcate for www.exmaple.it anymore, because the DNS entries are missing.

So I want to disable the certificate generation for www.example.it but keep the certificate generation for the other domains.

How can I do this?

sowinski avatar Mar 11 '25 21:03 sowinski

You would need separate site blocks to change the config for that domain.

francislavoie avatar Mar 11 '25 22:03 francislavoie 

labels:
  caddy: "caddy.example.com, www.example.com, www.example.se, www.example.pl"
  caddy.log:
  caddy.reverse_proxy: "{{upstreams 8000}}"
  caddy_1: "www.example.it"
  caddy_1.reverse_proxy: "{{upstreams 8000}}"
  caddy_1.tls: "internal"

Do you mean like that? Is this the way how to stop creating a SSL certificate for www.example.it but still listening for incoming connections from www.example.it?

sowinski avatar Mar 12 '25 12:03 sowinski

Is this the way how to stop creating a SSL certificate for www.example.it but still listening for incoming connections from www.example.it?

tls internal provisions a locally signed certificate from Caddy instead of a third-party like LetsEncrypt.

If you only want to access via HTTP you would use http://www.example.it, that will only listen on :80 for that site-address, not :443 / HTTPS.

polarathene avatar Mar 21 '25 00:03 polarathene