Skip to main content
Increasing the certificate lifetime for the Caddy internal CA
  1. Posts/

Increasing the certificate lifetime for the Caddy internal CA

·123 words·1 min
How To

Overview
#

Caddy’s docs are excellent, but it’s easy to get lost in all the details. The default certificate lifetime for the internal Caddy CA is 12 hours and I wanted to increase it to 48 hours (2 days). I could not find a good example of a working configuration, so hopefully this post helps someone else!

Configuration
#

You’ll need a tls directive with an issuer internal subdirective. You cannot use the tls internal {} shorthand. This is what tripped me up.

In this example, I’m using snippets, which allows the configuration to be reused for individual site/service definitions (via import).

(tls-int-48h) {
  tls {
    issuer internal {
      ca local
      lifetime 48h
    }
  }
}

login.example.com:443 {
  import tls-int-48h
  reverse_proxy 127.0.0.1:3001
}
   Caddy TLS Web

Related

Creating a short link service using Cloudflare Workers KV
·628 words·3 mins
How To
A quick guide on creating a basic short link / redirect service for free using Cloudflare Workers KV
Passkeys and Verifiable Digital Credentials: Friends or Foes? @ Identiverse 2025
Presentations
A session at Identiverse 2025 which explores the nuanced dynamics between passkeys and verifiable digital credentials, and their technological foundations across usability, privacy, trust models, and ecosystems with the goal of answering whether passkeys and verifiable digital credentials are friends or foes—and how these technologies might collaboratively shape the future of secure, user-centric digital identity systems.
The Past, Present, and Future of Passkeys @ Internet2 TechEx 2024
Presentations
This talk at Internet2 TechEx 2024 centered on passkeys: their arrival in 2022, how they work, their impact on security and user experience, and what the future holds with federation and digital identity wallets.