"Caddy", a Go web server that can easily obtain an SSL certificate and also use HTTP/3 with a simple configuration file

Apache and nginx are the well-known web server software, but many people find them difficult to configure. Caddy, developed in Go, the programming language from Google, is a web server that can encrypt traffic with SSL and communicate over HTTP/3 with minimal configuration.

Caddy 2
https://caddyserver.com/v2

Caddy is available on Linux distributions such as Ubuntu and CentOS. This time I will install Caddy on Ubuntu 18.04.

Caddy can be installed by executing the following command.

# [trusted=yes] makes APT use this repository without verifying its signature
echo "deb [trusted=yes] https://apt.fury.io/caddy/ /" \
    | sudo tee -a /etc/apt/sources.list.d/caddy-fury.list
sudo apt update
sudo apt install caddy

Once installed, Caddy will start automatically. When I accessed the domain name of the server, the welcome screen was displayed properly.

Since HTTPS is not enabled just by installing Caddy, "Unprotected communication" is displayed in the address bar of Chrome.

Caddy automatically obtains an SSL certificate using Let's Encrypt. To enable HTTPS, add the domain name to the Caddy configuration file "/etc/caddy/Caddyfile" according to the instructions on the welcome screen.

After modifying the file, reload the Caddy service.

sudo systemctl reload caddy

When I accessed the server URL again, it said "This communication is protected". The SSL certificate has been obtained, and HTTPS is being properly used for communication.

The Caddyfile is also used for detailed Caddy settings such as changing the root directory and BASIC authentication. For example, the following configuration serves the static file server "example.com" from the root directory "/var/www/html/", records the access log in "/var/log/caddy/access.log", and applies BASIC authentication to everything under the root directory.

example.com {
    root * /var/www/html/
    file_server
    log {
        output file /var/log/caddy/access.log
    }
    basicauth /* {
        <username> <password hash>
    }
}

Caddy also supports HTTP/3, which is still experimental. To use HTTP/3, add the following to the beginning of the Caddyfile and reload the service.

{
experimental_http3
}

At the time of writing, the only browsers that support HTTP/3 are Chrome Canary and the Firefox nightly builds, so this time I will try communicating over HTTP/3 with Chrome Canary. Execute the following command at the command prompt to start Chrome Canary with HTTP/3 enabled. Note that the "27" in h3-27 is the HTTP/3 draft number, so it changes frequently.

"C:\Users\<username>\AppData\Local\Google\Chrome SxS\Application\chrome.exe" --enable-quic --quic-version=h3-27

When accessing the URL, the protocol was displayed as "h3-27" and it was confirmed that the connection was made via HTTP/3.
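The same result can be checked from a shell by reading the response headers, since a server advertises HTTP/3 to clients in the Alt-Svc header. The script below is an added example, not part of the original article or of Caddy; the function names are hypothetical and the sample headers are constructed, assuming a server configured with the basicauth and experimental_http3 settings shown above.

```shell
#!/bin/sh
# Added example: check response headers for the settings configured above.
# Live use (example.com is the placeholder domain from the Caddyfile):
#   curl -sI https://example.com/ | h3_versions

# Constructed sample of the headers such a request could return with
# basicauth and experimental_http3 enabled; not captured from a real server.
SAMPLE_HEADERS='HTTP/2 401
alt-svc: h3-27=":443"; ma=2592000
server: Caddy
www-authenticate: Basic realm="restricted"
'

# Print every HTTP/3 token (h3 or h3-NN) advertised in Alt-Svc, one per line.
h3_versions() {
    tr -d '\r' | grep -i '^alt-svc:' | cut -d: -f2- | tr ',' '\n' |
        sed -n 's/^[[:space:]]*\(h3\(-[0-9][0-9]*\)\{0,1\}\)=.*/\1/p'
}

# Succeed if the draft passed to --quic-version (e.g. h3-27) is advertised.
advertises() {
    h3_versions | grep -qxF -- "$1"
}

# Succeed if the response is a 401 carrying a Basic challenge, i.e. the
# basicauth block is actually enforced for unauthenticated requests.
requires_basic_auth() {
    _hdrs=$(tr -d '\r')
    printf '%s\n' "$_hdrs" | head -n 1 | grep -q '^HTTP/[0-9.]* 401' &&
        printf '%s\n' "$_hdrs" | grep -qi '^www-authenticate:[[:space:]]*basic'
}

# Demo on the constructed sample.
printf '%s' "$SAMPLE_HEADERS" | h3_versions
printf '%s' "$SAMPLE_HEADERS" | advertises h3-27 && echo "h3-27 advertised"
printf '%s' "$SAMPLE_HEADERS" | requires_basic_auth && echo "basic auth enforced"
```

If `advertises` fails for the draft given to `--quic-version`, the browser and server have no HTTP/3 draft in common and the connection stays on HTTP/2 or HTTP/1.1.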
