diff options
author | Matthew Holt <mholt@users.noreply.github.com> | 2019-09-24 17:04:03 -0700 |
---|---|---|
committer | Matthew Holt <mholt@users.noreply.github.com> | 2019-09-24 17:04:03 -0700 |
commit | 7b33c8db3161d3558147d02f8d7818352e6983b7 (patch) | |
tree | 9e3d4041ddf5646460610a6679555cabc971efbf /modules | |
parent | 11696793bd15503006f44876c0f9f3b5d53e4d18 (diff) |
tls: Make cert and OCSP check intervals configurable
This enables use of ACME CAs that issue shorter-lived certs
Diffstat (limited to 'modules')
-rw-r--r-- | modules/caddytls/tls.go | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/modules/caddytls/tls.go b/modules/caddytls/tls.go index 1f05c1d..3b54004 100644 --- a/modules/caddytls/tls.go +++ b/modules/caddytls/tls.go @@ -66,6 +66,8 @@ func (t *TLS) Provision(ctx caddy.Context) error { GetConfigForCert: func(cert certmagic.Certificate) (certmagic.Config, error) { return t.getConfigForName(cert.Names[0]) }, + OCSPCheckInterval: time.Duration(t.Automation.OCSPCheckInterval), + RenewCheckInterval: time.Duration(t.Automation.RenewCheckInterval), }) // automation/management policies @@ -286,8 +288,10 @@ type Certificate struct { // AutomationConfig designates configuration for the // construction and use of ACME clients. type AutomationConfig struct { - Policies []AutomationPolicy `json:"policies,omitempty"` - OnDemand *OnDemandConfig `json:"on_demand,omitempty"` + Policies []AutomationPolicy `json:"policies,omitempty"` + OnDemand *OnDemandConfig `json:"on_demand,omitempty"` + OCSPCheckInterval caddy.Duration `json:"ocsp_interval,omitempty"` + RenewCheckInterval caddy.Duration `json:"renew_interval,omitempty"` } // AutomationPolicy designates the policy for automating the |