Validation rejects `auto_https prefer_wildcard`

[vbrandl]

Issue Details

I want to use a wildcard certificate for services under the same domain and I'm using caddy-docker-proxy, so I can't use the solution as described in the docs: https://caddyserver.com/docs/caddyfile/patterns#wildcard-certificates

My (simplified) Caddyfile looks like this:

{
	auto_https prefer_wildcard
}

*.example.com {
	tls {
		dns desec {
			token "{$TOKEN}"
		}
		propagation_delay 120s
	}

	abort
}

foo.example.com {
}

bar.example.com {
}

This worked with caddy 2.10.2 and 2.11.1, but since v2.11.1, caddy validate -c Caddyfile fails the validation: Error: adapting config using caddyfile: parsing caddyfile tokens for 'auto_https': auto_https must be one of 'off', 'disable_redirects', 'disable_certs', or 'ignore_loaded_certs', at Caddyfile:2

The problem can be reproduced using the following two calls:

• docker run --rm -it -v $PWD:/foo caddy:2.11.1 caddy validate -c /foo/Caddyfile
• docker run --rm -it -v $PWD:/foo caddy:2.10.2 caddy validate -c /foo/Caddyfile

The second call might fail because the DNS provider is not known, but it doesn't complain about prefer_wildcard

Assistance Disclosure

AI not used

If AI was used, describe the extent to which it was used.

No response

[francislavoie]

That option is removed, it's now the default behaviour (wildcard is preferred by default).

The docs you linked says this:

With the DNS challenge enabled, as of Caddy 2.10, Caddy will prefer an applicable wildcard certificate that is already configured or managed before managing a separate certificate for a subdomain.

[vbrandl]

Ah ok, thanks. So I can just remove the auto_https setting completely?