Local SSL With Caddy Server
Now that we have our hosts file updated, we will use Caddy to get HTTPS certificates for our dev server.
Caddy: https://caddyserver.com/docs/install
For those with Homebrew, Caddy can be installed with the following command:
brew install caddy
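An added example, not part of the course or of any comment: a Node preflight check for this setup, assuming the hosts entry from the previous lesson and a reverse proxy to 127.0.0.1:3000 as in the Caddyfile quoted in the comments. It checks that nodeauth.dev is mapped only to loopback, that the upstream app accepts connections, and that ports 80 and 443 can be bound; all function names are hypothetical.

```javascript
// Added example; HOST/UPSTREAM mirror the Caddyfile in the comments, function names are hypothetical.
const HOST = 'nodeauth.dev';
const UPSTREAM = { host: '127.0.0.1', port: 3000 };
// Constructed sample hosts file (not copied from the page).
const SAMPLE_HOSTS = '# constructed sample\n127.0.0.1 localhost\n127.0.0.1\tnodeauth.dev # dev\n';
// Addresses a hosts file maps `name` to; comments and blank lines are ignored.
function hostsEntriesFor(hostsText, name) {
  const wanted = name.toLowerCase();
  const addrs = [];
  for (const raw of hostsText.split(/\r?\n/)) {
    const line = raw.replace(/#.*$/, '').trim();
    if (!line) continue;
    const [addr, ...names] = line.split(/\s+/);
    if (names.some((n) => n.toLowerCase() === wanted)) addrs.push(addr);
  }
  return addrs;
}
// True only when `name` is mapped and every mapping is a loopback address.
function mapsOnlyToLoopback(hostsText, name) {
  const addrs = hostsEntriesFor(hostsText, name);
  return addrs.length > 0 && addrs.every((a) => a === '::1' || /^127(\.\d{1,3}){3}$/.test(a));
}
// Resolves true when something accepts TCP connections on host:port (the Node app behind Caddy).
async function canConnect(host, port, timeoutMs = 500) {
  const net = await import('node:net'); // dynamic import works in CommonJS and ES modules
  return new Promise((resolve) => {
    const sock = net.connect({ host, port });
    const done = (ok) => { sock.destroy(); resolve(ok); };
    sock.setTimeout(timeoutMs, () => done(false));
    sock.once('connect', () => done(true));
    sock.once('error', () => done(false));
  });
}
// Resolves true when this process can bind the port; false covers EADDRINUSE and EACCES alike.
async function canBind(port) {
  const net = await import('node:net');
  return new Promise((resolve) => {
    const srv = net.createServer();
    srv.once('error', () => resolve(false));
    srv.listen(port, () => srv.close(() => resolve(true)));
  });
}
async function preflight(hostsText) {
  const hostsOk = mapsOnlyToLoopback(hostsText, HOST);
  const upstreamUp = await canConnect(UPSTREAM.host, UPSTREAM.port);
  return { hostsOk, upstreamUp, port80Free: await canBind(80), port443Free: await canBind(443) };
}
// Stand-alone demo on the constructed sample: node preflight.js --run
if (process.argv.includes('--run')) preflight(SAMPLE_HOSTS).then((r) => console.log(r));
```

For a real check, pass the text of your own hosts file to `preflight` instead of the constructed sample.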
Level 2 Node Authentication
23 videos
Released: March 31 2021
Course Instructor: Scott Tolinski
- Getting Started (7m4s)
- Secure Cookies (6m47s)
- Hosts File (4m28s)
- Local SSL With Caddy Server (7m11s)
- Cookies In Safari (6m34s)
- Separate UI and API (11m25s)
- What Is CORS (4m30s)
- Implementing CORS
- Sending Email (18m51s)
- Create Verify Email Link (18m41s)
- More Complex UI Server (15m16s)
- Verify Password Server Route (15m16s)
- Password Verification (15m12s)
- Change Password (26m8s)
- Fixing Logout (6m37s)
- Forgot Password Flow (29m56s)
- Reset Password UI (16m25s)
- Reset Password Server (26m8s)
- Authenticator 2FA UI (22m59s)
- Authenticator Tokens and Validation (21m23s)
- Authenticator Register (8m35s)
- Authenticator Login (25m5s)
- Where To Go From Here (5m34s)
Comments
Hartwig
12 months ago [edited]
@Raul Thank you - that is a great resource: curl.exe -A "MS" https://webinstall.dev/caddy | powershell
The issue is as always: does the install consider the PATH? And this one does. Nice install - environment variables were set like magic - called it caddy run and it ran. Windows presented me a pop up "do you, honorable user, really really want to install this certificate" and I agreed.
As I had stopped my node app to run, I used a folder nearby, opened with VSC and opened the terminal to start it: nodeauth.dev and all the bells and whistles. Cool. I needed a break.
David Fraser Bergeron
about 1 year ago
I had some trouble getting this running on Firefox on OSX. Kept getting the error: SEC_ERROR_UNKNOWN_ISSUER.
It turns out Firefox has its own keychain for Certificate Authorities, so you need some way to let it know that you want it to use your root/local CA's.
I got it working by setting "security.enterprise_roots.enabled" to 'true' in my firefox "about:config". You can find more info here: https://support.mozilla.org/en-US/kb/setting-certificate-authorities-firefox
Hope this saves someone some time!
Panos
over 1 year ago
In case it helps someone, to get it to work in Big Sur I had to manually delete the contents of: /Users/[MY_USER]/Library/Application Support/Caddy
I installed it using brew in the past and might have had some old config files.
Jon Deavers
over 1 year ago
Hello. I am stuck trying to get Caddy to serve my files. I've tried troubleshooting online and the terminology used in the solutions found is way above my pay grade. When I run "caddy run" I get the following warning:
tls stapling OCSP {"error": "no OCSP stapling for [nodeauth.dev]: no OCSP server specified in certificate"}
Then when I try to hit the "nodeauth.dev" in my browser I get:
http.log.error dial tcp 127.0.0.1:3000: connectex: No connection could be made because the target machine actively refused it. {"request": {"remote_addr": "127.0.0.1:55031", "proto": "HTTP/2.0", "method": "GET", "host": "nodeauth.dev", "uri": "/", "headers": {"Accept-Encoding": ["gzip, deflate, br"], "Cache-Control": ["max-age=0"], "Sec-Ch-Ua": [" Not A;Brand;v=99, Chromium;v=90, Google Chrome;v=90"], "Upgrade-Insecure-Requests": ["1"], "Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9"], "Sec-Fetch-Site": ["none"], "Sec-Fetch-User": ["?1"], "Sec-Fetch-Dest": ["document"], "Sec-Ch-Ua-Mobile": ["?0"], "Dnt": ["1"], "User-Agent": ["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36"], "Sec-Fetch-Mode": ["navigate"], "Accept-Language": ["en-US,en;q=0.9,la;q=0.8"]}, "tls": {"resumed": false, "version": 772, "cipher_suite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "nodeauth.dev"}}, "duration": 2.0236174, "status": 502, "err_id": "gxz6vw282", "err_trace": "reverseproxy.statusError (reverseproxy.go:783)"}
The hosts file looks like this:
localhost name resolution is handled within DNS itself.
I am on windows and had followed part 1 and part 2 line for line up to this point. Any guidance is appreciated. Thanks!
Raul
over 1 year ago
@Jason Long If you're on Windows I'd suggest you check out this documentation https://webinstall.dev/caddy/ instead of what's on the tutorial. Looks like it will also require some Firewall updates, let me know if you think this is not related to your issue though.
Jason Long
over 1 year ago
Has anyone had any issues with this process on Windows? I'm still getting privacy error warnings from Chrome and am having issues finding guidance.
Mark Volkmann
over 1 year ago
Finally got the caddy server running in macOS. I don't know why I needed to do this, but changing my Caddyfile to the following (added the http_port line) fixed the issue I was hitting where it said port 80 was in use.
{
    http_port 8089
    local_certs
}

nodeauth.dev {
    reverse_proxy 127.0.0.1:3000
}
Mark Volkmann
over 1 year ago
I haven't been able to get this to work on macOS. caddy run gives me this output:
2021/04/14 17:26:09.114 INFO using adjacent Caddyfile
2021/04/14 17:26:09.115 INFO admin admin endpoint started {"address": "tcp/localhost:2019", "enforce_origin": false, "origins": ["localhost:2019", "[::1]:2019", "127.0.0.1:2019"]}
2021/04/14 17:26:09.116 INFO tls.cache.maintenance started background certificate maintenance {"cache": "0xc0003c6e00"}
2021/04/14 17:26:09.123 INFO http server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS {"server_name": "srv0", "https_port": 443}
2021/04/14 17:26:09.123 INFO http enabling automatic HTTP->HTTPS redirects {"server_name": "srv0"}
2021/04/14 17:26:09.259 INFO pki.ca.local root certificate is already trusted by system {"path": "storage:pki/authorities/local/root.crt"}
run: loading initial config: loading new config: http app module: start: tcp: listening on :80: listen tcp :80: bind: address already in use
But as far as I can see from using the lsof command, I don't have any processes listening on port 80.
Bradley
over 1 year ago [edited]
To help others on any Ubuntu flavor I had to do the following to get Caddy reverse proxy working:
sudo systemctl disable caddy