Depends on what you want. You can have the application have an https certificate which could either be one issued my a globally trusted issuer or could just be a self issued certificate that caddy is configured to trust. And caddy can then add the globally trusted certificates from let’s encrypt or whatever. But that definitely requires extra steps. Just, how secure do you want to be?