Search for a command to run...
Extensible, cross-platform web server written in Go that automatically obtains and renews TLS certificates for every site. Unlike traditional servers, HTTPS is the default: no manual cert setup or renewal scripts, with strong memory-safety guarantees and a modular architecture that keeps the binary lean.
Trusted by enterprises such as Stripe and Hope Channel International. Cited in peer-reviewed security research for its automatic HTTPS defaults and session ticket key rotation. Designed to manage certificates reliably at scale, including hundreds of thousands of sites, and passes PCI, HIPAA, and NIST compliance without extra configuration.
Key capabilities:
Common deployments include single-server static sites, reverse proxies in front of app servers, white-label SaaS with on-demand TLS for customer domains, and internal PKI for fleet-wide certificate management. The Caddyfile format often yields configs far shorter than equivalent NGINX configs. Developers use the config API for dynamic backends, CI/CD integration, and zero-downtime config reloads.