From 6518711538d99ebc067afaad6b4a08ce2c3feb37 Mon Sep 17 00:00:00 2001 From: Francis Lavoie Date: Fri, 16 Apr 2021 13:39:03 -0400 Subject: [PATCH] docs: Add wildcard certificates common pattern (#142) We did recently add a similar example to the `abort` directive docs, but I feel this is a good fit in this page as well since it's a commonly repeated pattern we respond with when answering forum questions. --- src/docs/markdown/caddyfile/patterns.md | 31 +++++++++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/src/docs/markdown/caddyfile/patterns.md b/src/docs/markdown/caddyfile/patterns.md index 7589f62..d6bae0d 100644 --- a/src/docs/markdown/caddyfile/patterns.md +++ b/src/docs/markdown/caddyfile/patterns.md @@ -15,6 +15,7 @@ These are not drop-in solutions; you will have to customize your domain name, po - [PHP](#php) - [Redirect `www.` subdomain](#redirect-www-subdomain) - [Trailing slashes](#trailing-slashes) +- [Wildcard certificates](#wildcard-certificates) ## Static file server @@ -125,3 +126,33 @@ redir /remove/ /remove ``` Using a redirect, the client will have to re-issue the request, enforcing a single acceptable URI for a resource. + + +### Wildcard certificates + +If you need to serve multiple subdomains with the same wildcard certificate, the best way to handle them is with a Caddyfile like this, making use of the [`handle`](/docs/caddyfile/directives/handle) directive and [`host`](/docs/caddyfile/matchers#host) matchers: + +```caddy +*.example.com { + tls { + dns [] + } + + @foo host foo.example.com + handle @foo { + respond "Foo!" + } + + @bar host bar.example.com + handle @bar { + respond "Bar!" + } + + # Fallback for otherwise unhandled domains + handle { + abort + } +} +``` + +Note that you must enable the [ACME DNS challenge](/docs/automatic-https#dns-challenge) to have Caddy automatically manage wildcard certificates.
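Review bot: In the second hunk, the `tls` block of the new example reads `dns []`, which names no DNS provider, so a reader who copies it has nothing to tell them what belongs there. Since the closing note says the ACME DNS challenge must be enabled for wildcard certificates, the example should carry a clearly labelled placeholder for the provider name and its credentials, and that note would serve better above the code block than below it, so the requirement is read before the config is copied. Also in this hunk, the section is added as `### Wildcard certificates`, while the existing section visible in the context lines uses two hashes (`## Static file server`); if the other patterns on the page are second-level headings, this one should match so the new table-of-contents entry points at a peer section. The hunk also adds two blank lines before the heading where one would do. The `handle { abort }` fallback is worth keeping as is, and one sentence in the prose explaining it would help: the wildcard certificate covers every subdomain of `example.com`, so without the fallback a hostname that no `host` matcher claims would still complete a TLS handshake and receive a response from this site block.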