Table of Contents
Setting Up Local HTTPS Services with Custom Domains Using Caddy on Arch Linux
This guide explains how to serve multiple local services on custom domains (e.g.
.local → service1.local) with HTTPS, using Caddy and no external DNS
or certificates.
🧱 Prerequisites
- Arch Linux (or derivative)
- Services running locally on different ports (e.g., 8080, 9090)
caddyinstalled:sudo pacman -S caddy
🔧 Step 1: Map Local Hostnames
Edit /etc/hosts:
sudo nano /etc/hostsAdd:
127.0.0.1 service1.local service2.local service3.local📁 Step 2: Configure Caddyfile
Edit or create your Caddyfile (default path: /etc/caddy/Caddyfile):
service1.local {
tls internal
reverse_proxy 127.0.0.1:8080
}
service2.local {
tls internal
reverse_proxy 127.0.0.1:9090
}This tells Caddy to:
- Use internal TLS (self-signed CA)
- Reverse-proxy requests based on hostname and forward to corresponding ports
🚀 Step 3: Start Caddy
Restart the service to apply changes:
sudo systemctl restart caddy🔐 Step 4: Trust Caddy’s Local CA (One-Time Setup)
1. Copy the root certificate:
sudo cp /var/lib/caddy/pki/authorities/local/root.crt /etc/ca-certificates/trust-source/anchors/caddy-local.crt2. Update the system trust store:
sudo trust extract-compat3. (Optional) Trust in Firefox:
- Preferences → Privacy & Security → Certificates → View Certificates → Authorities → Import
- Choose
/var/lib/caddy/pki/authorities/local/root.crt - Check “Trust this CA to identify websites”
✅ Done!
Now you can access:
https://service1.local→127.0.0.1:8080https://service2.local→127.0.0.1:9090
All with trusted HTTPS, locally.