A Go web server 'Caddy' that can easily acquire an SSL certificate & can also use HTTP / 3 with a simple configuration file



Famous software as a web server is

Apache or nginx , but there should be many people who find it difficult to configure. ' Caddy ', developed by Google's programming language ' Go ', is a web server that enables SSL encryption and HTTP / 3 communication with minimum settings.

Caddy 2
https://caddyserver.com/v2

Caddy is available on Linux such as Ubuntu and CentOS. This time I will install Caddy on Ubuntu 18.04.



Caddy can be installed by executing the following command.

[code] echo 'deb [trusted = yes] https://apt.fury.io/caddy/ /' \
| sudo tee -a /etc/apt/sources.list.d/caddy-fury.list
sudo apt update
sudo apt install caddy [/ code]



Once installed, Caddy will start automatically. When I accessed the domain name of the server, the welcome screen was displayed properly.



Since HTTPS is not enabled just by installing Caddy, 'Unprotected communication' is displayed in the address bar of Chrome.



Caddy uses

Let's Encrypt to automatically obtain an SSL certificate. To enable HTTPS, add the domain name to the Caddy configuration file '/ etc / caddy / Caddyfile' according to the instructions on the welcome screen.



After modifying the file, reload the Caddy service.

[code] sudo systemctl reload caddy [/ code]



When I accessed the server URL again, it said 'This communication is protected'. The SSL certificate has been obtained, and HTTPS is being properly used for communication.



The Caddy file is also used for detailed Caddy settings such as changing the root directory and BASIC authentication. For example, in the following description, the root directory of the static file server 'example.com' is '/ var / www / html /', the access log is recorded in '/var/log/caddy/access.log', BASIC This is the content to set the authentication under the root directory.

[code] example.com {
root * / var / www / html /
file_server
log {
output file /var/log/caddy/access.log
}
basicauth / * {
Username password hash
}
} [/ code]



Caddy also supports

HTTP / 3 , which is still in the experimental stage. To use HTTP / 3, add the following description to the beginning of the Caddy file and reload the service.

[code] {
experimental_http3
} [/ code]



At the time of article creation, the only browsers that support HTTP / 3 are Chrome Canary and Firefox nightly versions, so this time I will try communicating with HTTP Can on Chrome Canary. Execute the following command at the command prompt to enable HTTP / 3 and start Chrome Canary. Note that '27' in h3-27 is an HTTP / 3 draft number, so it is frequently changed.

[code] 'C: \ Users \ username \ AppData \ Local \ Google \ Chrome SxS \ Application \ chrome.exe' --enable-quic --quic-version = h3-27 [/ code]



When accessing the URL, the protocol was displayed as 'h3-27' and it was confirmed that the connection was made via HTTP / 3.

Related Posts:

in Software, Posted by darkhorse_log