by Whitestrake
2660 days ago
No worries, hope it makes the facts nice and transparent for people. If anyone reading this has questions or concerns about Caddy, I'd invite further discussion over on their forums. I believe AWS can do this because they have proof that you own the domain (effectively DNS validation) before handing out certs. Caddy can do similar with DNS validation - fetching your cert without needing to be publicly accessible. It needs you to hook into the API of one of the supported DNS providers though, because validation is still done on a per-request basis (but it has been able to do wildcards for a while). I understand that AWS is more validate once, sign certificates many times, which is quite convenient - and it all hooks into their systems fairly automatically.