default HTTPS / TLS for localhost development and local sharing

[coolaj86]

I'd like to suggest bundling HTTPS certs to use for local development.

Here are some free ones, but you could take the $12 plunge and make a similar setup just for caddy.

https://github.com/Daplie/localhost.daplie.com-certificates

Also, once the letsencrypt stuff is testable I'd be happy to let you use the dyndns service I run for daplie, or create a copy of it for caddyserver.com so that a person that wants to quickly share a file with a friend could get a dyndns address with a valid https certificate and privately share the file over the starbucks wifi.

Something like https://lucky-duck-42.dapliedns.com:2015/

[mholt]

What's wrong with signing your own cert for local dev? (Will address the dyndns stuff a bit later.)

[coolaj86]

1. The big scary "your connection isn't private" page that blocks you from doing anything else until you click the "advanced" button

2. None of the tutorials (except mine) are correct. They all have you serving a Root CA instead of a Server CRT, which leads to nasty problems with curl like UNABLE_TO_VERIFY_LEAF_SIGNATURE.

[mholt]

What if Caddy generated a self-signed cert (and key) when it started and kept it just in memory (no need to write it out to a file, since it's just for local dev). It doesn't solve the first issue of the browser security warnings, but it's still an excellent step forward. And it could even generate the cert properly to avoid that curl error you mentioned.

Thanks for the offer with Daplie; I'll take a look and consider it.