https://blog.geoffcorey.com/tags/ssl/ Recent content in SSL on Geoff Corey's Blog Hugo en Fri, 23 May 2025 00:00:00 +0000 https://blog.geoffcorey.com/posts/caddy-wildcard-certs-and-ghost/ Fri, 23 May 2025 00:00:00 +0000 https://blog.geoffcorey.com/posts/caddy-wildcard-certs-and-ghost/ <h2 id="the-problem">The Problem</h2> <p>Hosting multiple applications on subdomains requires a strategy for SSL certificates. The specific example involves deploying Ghost blogging software to <code>blog.geoffcorey.com</code> while redirecting the root domain to this subdomain. The setup uses wildcard Let&rsquo;s Encrypt certificates to avoid generating separate certificates for each subdomain.</p> <h2 id="cloudflare-api-token">Cloudflare API Token</h2> <p>DNS configuration requires Cloudflare. The <a href="https://github.com/caddybuilds/caddy-cloudflare">CaddyBuilds/caddy-cloudflare</a> Docker image provides DNS challenge support for obtaining wildcard certificates.</p> <h2 id="setup-docker-compose--caddy-configuration">Setup: Docker Compose &amp; Caddy Configuration</h2> <h3 id="docker-composeyml">docker-compose.yml</h3> <p>The configuration includes three services:</p>