caddy icon indicating copy to clipboard operation
caddy copied to clipboard
verified publisher icon caddyserver

Enterprise self purchased CA certificate automatic update

Open LIndspuI7 opened this issue 9 months ago • 2 comments

I am an IT administrator for a company. We have purchased SSL certificates from other CAs, and they are sent to us annually after the SSL certificates are issued. If I deploy an HTTP/FTP/SMB service on the intranet to download SSL certificates, can Caddy support automatic SSL certificate renewal in this scenario?

LIndspuI7 avatar Apr 18 '25 00:04 LIndspuI7

What do you mean by "support automatic SSL certificate renewal" exactly?

If Caddy isn't the one initiating a new certificate from a CA to use it, then the certificate has to be loaded in configuration just like with traditional web servers. And then before the certificate expires, you have to load the new one in.

You can have a script place your certificate on disk and then reload Caddy of course, to "automate" it. Is that what you're asking?

mholt avatar Apr 18 '25 02:04 mholt

Maybe you're looking for get_certificate http (inside the tls directive)? https://caddyserver.com/docs/caddyfile/directives/tls#certificate-managers

francislavoie avatar Apr 18 '25 05:04 francislavoie