diff options
author | Mark Sargent <99003+sarge@users.noreply.github.com> | 2020-02-13 09:07:25 +1300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-02-12 13:07:25 -0700 |
commit | eb80165583776d878256359f1635ffa9a17f0171 (patch) | |
tree | 867c44c12fb5d6923dc2cf68f040e53969fd26dc /caddyconfig/httpcaddyfile/builtins.go | |
parent | 17d938fc54b347d54a4f56c1f0d6e92c65033548 (diff) |
tls: Add acme_ca_root and tls/ca_root to caddyfile (#3040)
Diffstat (limited to 'caddyconfig/httpcaddyfile/builtins.go')
-rw-r--r-- | caddyconfig/httpcaddyfile/builtins.go | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/caddyconfig/httpcaddyfile/builtins.go b/caddyconfig/httpcaddyfile/builtins.go index 29ca0be..bac12da 100644 --- a/caddyconfig/httpcaddyfile/builtins.go +++ b/caddyconfig/httpcaddyfile/builtins.go @@ -116,6 +116,9 @@ func parseTLS(h Helper) ([]ConfigValue, error) { if acmeCA := h.Option("acme_ca"); acmeCA != nil { mgr.CA = acmeCA.(string) } + if caPemFile := h.Option("acme_ca_root"); caPemFile != nil { + mgr.TrustedRootsPEMFiles = append(mgr.TrustedRootsPEMFiles, caPemFile.(string)) + } for h.Next() { // file certificate loader @@ -232,6 +235,13 @@ func parseTLS(h Helper) ([]ConfigValue, error) { return nil, h.Errf("getting DNS provider module named '%s': %v", provName, err) } mgr.Challenges.DNSRaw = caddyconfig.JSONModuleObject(dnsProvModule.New(), "provider", provName, h.warnings) + + case "ca_root": + arg := h.RemainingArgs() + if len(arg) != 1 { + return nil, h.ArgErr() + } + mgr.TrustedRootsPEMFiles = append(mgr.TrustedRootsPEMFiles, arg[0]) default: return nil, h.Errf("unknown subdirective: %s", h.Val()) |