Skip to content

Commit 70f704b

Browse files
committed
docs: clarify Node CA trust setup for local Caddy certs
1 parent 5586635 commit 70f704b

1 file changed

Lines changed: 26 additions & 0 deletions

File tree

README.md

Lines changed: 26 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -82,6 +82,32 @@ devwrap --json --name api -- uvicorn app:app --port @PORT
8282

8383
`devwrap proxy trust` fetches the local CA root from Caddy admin API and installs trust using the same truststore approach used by Caddy.
8484

85+
For Node.js clients (`fetch`, undici, axios over HTTPS), you may also need to enable CA trust in Node:
86+
87+
- Newer Node versions: set `NODE_USE_SYSTEM_CA=1` so Node uses system trust.
88+
- Older Node versions (or as a fallback): set `NODE_EXTRA_CA_CERTS` to Caddy's local root cert path.
89+
90+
Caddy local root cert path is resolved from the Caddy data dir in this order:
91+
92+
- `$DEVWRAP_CADDY_DATA_DIR` (if set)
93+
- else `$CADDY_DATA_DIR` (if set)
94+
- else platform default Caddy data dir (macOS: `~/Library/Application Support/Caddy`, Linux: `~/.local/share/caddy`)
95+
96+
Append `pki/authorities/local/root.crt` to the selected data dir.
97+
98+
Example:
99+
100+
```bash
101+
# Newer Node
102+
export NODE_USE_SYSTEM_CA=1
103+
104+
# Older Node / fallback (macOS)
105+
export NODE_EXTRA_CA_CERTS="$HOME/Library/Application Support/Caddy/pki/authorities/local/root.crt"
106+
107+
# Older Node / fallback (Linux)
108+
export NODE_EXTRA_CA_CERTS="$HOME/.local/share/caddy/pki/authorities/local/root.crt"
109+
```
110+
85111
## Runtime Files
86112

87113
State is stored in:

0 commit comments

Comments
 (0)