Can free and open source software projects like Caddy and Traefik eventually replace EFF’s Certbot? Although Certbot continues to be developed, we think tools like these help offer a promising path forward in the further development of a secure and encrypted web. For some users, tools like these...
  • Rimu@piefed.social
    14·
    4 months ago

    They both implement the ACME protocol internally, allowing them to integrate with services like Let’s Encrypt to automate regularly obtaining the certificates needed to offer HTTPS.

    I did not realise this. Very nice, I’ll be trying Caddy on my next server!

    • elvith@feddit.de
      9·
      4 months ago

      My newest vps runs with Caddy. Works like a charm. The downside was, that I didn’t think of the automatic certificate deployment when I set everything up and it wouldn’t come up a first when I only wanted to connect locally to it, as it tried to get a certificate but the challenge failed because I hadn’t the firewall open yet. But besides that it was very smooth so far.

      • dfyx@lemmy.helios42.de
        3·
        4 months ago

        You know what’s even better? You can point traefik to your own ACME-compatible CA (I use step-ca) to get certs for LAN-only services. And you can even configure per service which one it should use.

  • iiGxC@slrpnk.net
    10·
    4 months ago

    I’ve had pretty good experience with caddy, although some key aspects of documentation I found hard to find - namely, how to use it with docker compose and a custom build with other plugins like dns challenge and dynamic dns

    • Rekhyt@beehaw.org
      3·
      4 months ago

      Yeah, it just replaces the cert files and reload/restarts nginx for me. I don’t want it anywhere near my config files.

  • jarfil@beehaw.org
    3·
    4 months ago

    Isn’t Certbot like the “reference implementation” though?

    I’ve been using Traefik for several years now, but I think having a tool that allows troubleshooting the process step by step is also valuable.