diff options
author | Matthew Holt <mholt@users.noreply.github.com> | 2022-01-05 17:55:09 -0700 |
---|---|---|
committer | Matthew Holt <mholt@users.noreply.github.com> | 2022-01-05 17:55:09 -0700 |
commit | b4bfa29be2191ffacfa4ed747bd5cdce8da8917f (patch) | |
tree | 92da66d08a6edc0a4155b8cbe5cf0ffac549daae | |
parent | 6cadb60fa2308f24a20a32c3f8d5e3a521c277ff (diff) |
admin: Require identity for remote (fix #4478)
-rw-r--r-- | admin.go | 3 |
1 files changed, 3 insertions, 0 deletions
@@ -466,6 +466,9 @@ func replaceRemoteAdminServer(ctx Context, cfg *Config) error { } // create TLS config that will enforce mutual authentication + if identityCertCache == nil { + return fmt.Errorf("cannot enable remote admin without a certificate cache; configure identity management to initialize a certificate cache") + } cmCfg := cfg.Admin.Identity.certmagicConfig(remoteLogger, false) tlsConfig := cmCfg.TLSConfig() tlsConfig.NextProtos = nil // this server does not solve ACME challenges |