Think I’ve gone down the rabbit hole on this one.
I have more than one Debian machine that I host apps on. I want to serve them with https, so I decided it was best to centrally get the domain cert/key (I’ve used certwarden) and use a script/cron job on each server to get the certs. Then use caddy to reverse-proxy.
So, after some research I decided that certs should be placed in /etc/SSL/certs (keys in /etc/SSL/private). Problem is caddy can’t get to them. I’ve tried messing around with permissions etc but I suspect I’m running into issues because I’m not doing this the proper way.
What is the proper way of doing it? Or is there a much easier solution?
I could never get certs working over locally served stuff, but Nginx Proxy Manager made the few things I publish to web fairly easy to get https working. I’m just commenting to come back later and read the answers myself… Let me know if you get it working over Lan!