Think I’ve gone down the rabbit hole on this one.
I have more than one Debian machine that I host apps on. I want to serve them with https, so I decided it was best to centrally get the domain cert/key (I’ve used certwarden) and use a script/cron job on each server to get the certs. Then use caddy to reverse-proxy.
So, after some research I decided that certs should be placed in /etc/SSL/certs (keys in /etc/SSL/private). Problem is caddy can’t get to them. I’ve tried messing around with permissions etc but I suspect I’m running into issues because I’m not doing this the proper way.
What is the proper way of doing it? Or is there a much easier solution?
I always recommended people new to reverse proxies start with Npm. Reverse proxies are designed to do exactly what you’re trying to do, although I’m not sure why you’ve brought in certwarden. In npm just put in the IP:Port of the host (local or remote) same goes for caddy, but in my experience its not as easy to configure as npm