• Rimu@piefed.social
    link
    fedilink
    arrow-up
    14
    ·
    10 months ago

    They both implement the ACME protocol internally, allowing them to integrate with services like Let’s Encrypt to automate regularly obtaining the certificates needed to offer HTTPS.

    I did not realise this. Very nice, I’ll be trying Caddy on my next server!

    • elvith@feddit.de
      link
      fedilink
      arrow-up
      9
      ·
      10 months ago

      My newest vps runs with Caddy. Works like a charm. The downside was, that I didn’t think of the automatic certificate deployment when I set everything up and it wouldn’t come up a first when I only wanted to connect locally to it, as it tried to get a certificate but the challenge failed because I hadn’t the firewall open yet. But besides that it was very smooth so far.

      • dfyx@lemmy.helios42.de
        link
        fedilink
        arrow-up
        3
        ·
        edit-2
        10 months ago

        You know what’s even better? You can point traefik to your own ACME-compatible CA (I use step-ca) to get certs for LAN-only services. And you can even configure per service which one it should use.

  • iiGxC@slrpnk.net
    link
    fedilink
    arrow-up
    10
    ·
    10 months ago

    I’ve had pretty good experience with caddy, although some key aspects of documentation I found hard to find - namely, how to use it with docker compose and a custom build with other plugins like dns challenge and dynamic dns

    • Rekhyt@beehaw.org
      link
      fedilink
      arrow-up
      3
      ·
      10 months ago

      Yeah, it just replaces the cert files and reload/restarts nginx for me. I don’t want it anywhere near my config files.

  • jarfil@beehaw.org
    link
    fedilink
    arrow-up
    3
    ·
    10 months ago

    Isn’t Certbot like the “reference implementation” though?

    I’ve been using Traefik for several years now, but I think having a tool that allows troubleshooting the process step by step is also valuable.