caddytls: Reuse certificate cache through reloads (#5623)

* caddytls: Don't purge cert cache on config reload * Update CertMagic This actually avoids reloading managed certs from storage when already in the cache, d'oh. * Fix bug; re-implement HasCertificateForSubject * Update go.mod: CertMagic tag
author: Matt Holt <mholt@users.noreply.github.com> 2023-07-11 13:10:58 -0600
committer: GitHub <noreply@github.com> 2023-07-11 19:10:58 +0000
commit: 0e2c7e1d35b287fc0e56d6db2951f791e09b5a37 (patch)
tree: 3669f5d01fa351bda933d3796c50a72da9942a01 /modules/caddyhttp/autohttps.go
parent: 7ceef91295343237f5b81ed00e3ba7e8e594d603 (diff)
1 files changed, 1 insertions, 2 deletions
diff --git a/modules/caddyhttp/autohttps.go b/modules/caddyhttp/autohttps.go
index 4ade3c5..39ec135 100644
--- a/modules/caddyhttp/autohttps.go
+++ b/modules/caddyhttp/autohttps.go
@@ -196,8 +196,7 @@ func (app *App) automaticHTTPSPhase1(ctx caddy.Context, repl *caddy.Replacer) er
 					// if a certificate for this name is already loaded,
 					// don't obtain another one for it, unless we are
 					// supposed to ignore loaded certificates
-					if !srv.AutoHTTPS.IgnoreLoadedCerts &&
-						len(app.tlsApp.AllMatchingCertificates(d)) > 0 {
+					if !srv.AutoHTTPS.IgnoreLoadedCerts && app.tlsApp.HasCertificateForSubject(d) {
 						logger.Info("skipping automatic certificate management because one or more matching certificates are already loaded",
 							zap.String("domain", d),
 							zap.String("server_name", srvName),
author	Matt Holt <mholt@users.noreply.github.com>	2023-07-11 13:10:58 -0600
committer	GitHub <noreply@github.com>	2023-07-11 19:10:58 +0000
commit	0e2c7e1d35b287fc0e56d6db2951f791e09b5a37 (patch)
tree	3669f5d01fa351bda933d3796c50a72da9942a01 /modules/caddyhttp/autohttps.go
parent	7ceef91295343237f5b81ed00e3ba7e8e594d603 (diff)