Deploying Behind Caddy
Data security is a top priority these days, and data needs to be secure even when in transit. To maintain security while data is in transit, it is recommended that Binfer's Enterprise Server is configured to run using HTTPS connections.
Caddy is a tool built with simplicity in mind to manage web servers and automatic SSL. Caddy is quick to configure out of the box whether it's running on a new machine or integrating into your existing web servers. The goal of this guide is to outline the steps to setup Caddy to manage SSL certificates for your Binfer Enterprise Server.
NOTE: If you already have an SSL cert for the subdomain chosen or you have a wildcard SSL cert for your domain, we recommend following Deploying Behind IIS
This guide starts with the following assumptions:
- There is already a domain (or subdomain) set that points to the web server where Binfer's Enterprise Server is running
- Port 80 and port 443 are open on both the local firewall present on the system and any network firewall that might be present
- Binfer's Enterprise Server is already installed and is running without issue using HTTP
- You have admin access to the machine hosting Binfer's Enterprise Server.
- First, you will need to download the Caddy package which can be found here
- Next you will need to create a directory to unzip your files to. In our examples we create a folder called Caddy under the C: drive so that our files are under the location C:Caddy
Note: Caddy can run from any directory, but if you choose to use a different directory than what is provided in this example there will be extra configuration steps below.
- Once the directory is unpacked, you should right click on the file called Caddyfile and open it in an editor so that you can edit it. Replace xxx.xxx.com with your domain or subdomain and replace 8080 with whichever port you provided to the Binfer Enterprise Server during installation. Once modified, you can save and close this file
- Next, run the file labeled start.bat to test that the Caddy configuration is working. You will see several logs as Caddy generates SSL certs for your domain
Note: If you chose to install Caddy in a different directory, you will need to first edit start.bat so that the first line navigates into the correct directory
- Once the SSL certs have been generated you should be able to test everything is working by connecting to your domain locally. Caddy should redirect any HTTP connections automatically to HTTPS so you can connect the way you are used to
- You can verify Caddy is working by checking in the corner of your browser for a lock icon to show your connection is secure or the prefix https:// in front of your URL
- Once you've verified that Caddy is working locally, you can close the command prompt window that opened when you launched start.bat. This will stop Caddy so that you can set it up as a service
Running Caddy as a Service
- Right click the file labeled installService.bat and select 'Run as Administrator'
Note: If you chose to install Caddy in a different directory, you will need to first edit installService.bat so that the first line navigates into the correct directory
- In the windows search bar enter 'Services' and select 'Run as Administrator'
- Once the Services window is open you should see a service labeled Caddy Web Server (Powered by WinSW). Right click the service and select 'Start'
- Caddy should now be running as a background service and you can once again connect locally to verify the result
Configuring Binfer to run with HTTPS
- Navigate to the UI of your Binfer Enterprise Server instance
- From the left hand navigation select SETTINGS. Then from the settings select NETWORK
- In the network settings enter port 443 as your domain port
- Next, check the box next to Is HTTPS?
- Finally, click the save button next to the is HTTPS? checkbox to confirm your new settings
- When you save, your test URL should update to use the https:// protocol. Your Binfer instance is now configured to use HTTPS!
I can connect locally but I cannot connect from a remote machine
This is likely a firewall issue. Please make sure that port 443 is open on both your network firewall and the firewall on the local machine.
I need Caddy to integrate into my current web architecture
Caddy is highly customizable. This guide is meant to be just a brief overview to get it working for Binfer’s Enterprise Server but for more advanced configurations please review Caddy’s documentation here.