cat <<EOF | tee certificate.cfg
[ req ]
req_extensions = req_ext
distinguished_name = req_distinguished_name
prompt = no
[req_distinguished_name]
commonName=mydomain.io
[req_ext]
subjectAltName = @alt_names
[alt_names]
DNS.1 = mydomain.io
DNS.2 = *.mydomain.io
EOF
openssl req -x509 -config certificate.cfg -extensions req_ext -nodes -days 730 -newkey rsa:2048 -sha256 -keyout key.pem -out cert.pem
cat > Caddyfile <<EOF
mydomain.io:443 {
tls cert.pem key.pem
browse
root web
log /dev/stdout
}
mydomain.io:80 {
redir 301 {
if {scheme} not https
/ https://{host}{uri}
}
}