summaryrefslogtreecommitdiff
path: root/caddyconfig
diff options
context:
space:
mode:
authorFrancis Lavoie <lavofr@gmail.com>2022-02-19 16:20:38 -0500
committerGitHub <noreply@github.com>2022-02-19 14:20:38 -0700
commit26d633baf83994e79d2961fa9f5b37ef5b0ab800 (patch)
tree3214fd1eba54ca6c2a77433ef95551f3bf5283b7 /caddyconfig
parentff137d17d008b827d32876310e1179ec5003fef7 (diff)
httpcaddyfile: Disabling OCSP stapling for both managed and unmanaged (#4589)
Diffstat (limited to 'caddyconfig')
-rw-r--r--caddyconfig/httpcaddyfile/tlsapp.go5
1 files changed, 5 insertions, 0 deletions
diff --git a/caddyconfig/httpcaddyfile/tlsapp.go b/caddyconfig/httpcaddyfile/tlsapp.go
index 48506d8..daaec95 100644
--- a/caddyconfig/httpcaddyfile/tlsapp.go
+++ b/caddyconfig/httpcaddyfile/tlsapp.go
@@ -301,6 +301,11 @@ func (st ServerType) buildTLSApp(
tlsApp.Automation.RenewCheckInterval = renewCheckInterval
}
+ // set whether OCSP stapling should be disabled for manually-managed certificates
+ if ocspConfig, ok := options["ocsp_stapling"].(certmagic.OCSPConfig); ok {
+ tlsApp.DisableOCSPStapling = ocspConfig.DisableStapling
+ }
+
// if any hostnames appear on the same server block as a key with
// no host, they will not be used with route matchers because the
// hostless key matches all hosts, therefore, it wouldn't be