Overview#
Caddy’s docs are excellent, but it’s easy to get lost in all the details. The default certificate lifetime for the internal Caddy CA is 12 hours and I wanted to increase it to 48 hours (2 days). I could not find a good example of a working configuration, so hopefully this post helps someone else!
Configuration#
You’ll need a tls
directive with an issuer internal
subdirective. You cannot use the tls internal {}
shorthand. This is what tripped me up.
In this example, I’m using snippets, which allows the configuration to be reused for individual site/service definitions (via import
).
(tls-int-48h) {
tls {
issuer internal {
ca local
lifetime 48h
}
}
}
login.example.com:443 {
import tls-int-48h
reverse_proxy 127.0.0.1:3001
}