diff options
author | Matthew Holt <mholt@users.noreply.github.com> | 2020-03-23 13:32:17 -0600 |
---|---|---|
committer | Matthew Holt <mholt@users.noreply.github.com> | 2020-03-23 13:32:17 -0600 |
commit | 169883868503c809c9ac9c8c1fe93c7deff9cd2e (patch) | |
tree | 05f9a2a684ff8f4097a18a83fd6929e2503ca51a | |
parent | 4c43bf8cc8dbdaa42f3eb1fc7936afdefe3d4bbf (diff) |
tls: Few minor improvements/simplifications
-rw-r--r-- | cmd/commandfuncs.go | 4 | ||||
-rw-r--r-- | modules/caddytls/acmeissuer.go | 1 | ||||
-rw-r--r-- | modules/caddytls/automation.go | 8 |
3 files changed, 8 insertions, 5 deletions
diff --git a/cmd/commandfuncs.go b/cmd/commandfuncs.go index e76d7f1..80d00a3 100644 --- a/cmd/commandfuncs.go +++ b/cmd/commandfuncs.go @@ -189,6 +189,10 @@ func cmdRun(fl Flags) (int, error) { cleanModVersion := strings.TrimPrefix(goModule.Version, "v") certmagic.UserAgent = "Caddy/" + cleanModVersion + // by using Caddy, user indicates agreement to CA terms + // (very important, or ACME account creation will fail!) + certmagic.DefaultACME.Agreed = true + // run the initial config err = caddy.Load(config, true) if err != nil { diff --git a/modules/caddytls/acmeissuer.go b/modules/caddytls/acmeissuer.go index 53638fe..0e43046 100644 --- a/modules/caddytls/acmeissuer.go +++ b/modules/caddytls/acmeissuer.go @@ -116,7 +116,6 @@ func (m *ACMEIssuer) makeIssuerTemplate() certmagic.ACMEManager { template := certmagic.ACMEManager{ CA: m.CA, Email: m.Email, - Agreed: true, CertObtainTimeout: time.Duration(m.ACMETimeout), TrustedRoots: m.rootPool, } diff --git a/modules/caddytls/automation.go b/modules/caddytls/automation.go index 9476445..73c12f9 100644 --- a/modules/caddytls/automation.go +++ b/modules/caddytls/automation.go @@ -154,7 +154,7 @@ func (ap *AutomationPolicy) Provision(tlsApp *TLS) error { } // if this automation policy has no Issuer defined, and - // none the subjects do not qualify for a public certificate, + // none of the subjects qualify for a public certificate, // set the issuer to internal so that these names can all // get certificates; critically, we can only do this if an // issuer is not explictly configured (IssuerRaw, vs. just @@ -198,7 +198,7 @@ func (ap *AutomationPolicy) Provision(tlsApp *TLS) error { KeySource: keySource, OnDemand: ond, Storage: storage, - Issuer: ap.Issuer, // if nil, certmagic.New() will set default in returned Config + Issuer: ap.Issuer, // if nil, certmagic.New() will create one } if rev, ok := ap.Issuer.(certmagic.Revoker); ok { template.Revoker = rev @@ -210,8 +210,8 @@ func (ap *AutomationPolicy) Provision(tlsApp *TLS) error { // access to the correct storage and cache so it can solve // ACME challenges -- it's an annoying, inelegant circular // dependency that I don't know how to resolve nicely!) - if configger, ok := ap.Issuer.(ConfigSetter); ok { - configger.SetConfig(ap.magic) + if annoying, ok := ap.Issuer.(ConfigSetter); ok { + annoying.SetConfig(ap.magic) } return nil |