summaryrefslogtreecommitdiff
path: root/modules
diff options
context:
space:
mode:
authorMatthew Holt <mholt@users.noreply.github.com>2019-09-13 11:46:58 -0600
committerMatthew Holt <mholt@users.noreply.github.com>2019-09-13 11:46:58 -0600
commit839507e24e4d8d2d8052335fafb110513865efc0 (patch)
treefc9346b81193bc38af38b3a86cc3904be1873401 /modules
parent833d67446f14e88c2888db2c3796568fd00bae7a (diff)
http: Consider wildcards when evaluating automatic HTTPS
Diffstat (limited to 'modules')
-rw-r--r--modules/caddyhttp/caddyhttp.go4
-rw-r--r--modules/caddytls/tls.go8
2 files changed, 6 insertions, 6 deletions
diff --git a/modules/caddyhttp/caddyhttp.go b/modules/caddyhttp/caddyhttp.go
index b6a8148..c044a9b 100644
--- a/modules/caddyhttp/caddyhttp.go
+++ b/modules/caddyhttp/caddyhttp.go
@@ -313,8 +313,8 @@ func (app *App) automaticHTTPS() error {
// don't obtain another one for it, unless we are
// supposed to ignore loaded certificates
if !srv.AutoHTTPS.IgnoreLoadedCerts &&
- len(tlsApp.CertificatesWithSAN(d)) > 0 {
- log.Printf("[INFO][%s] Skipping automatic certificate management because a certificate with that SAN is already loaded", d)
+ len(tlsApp.AllMatchingCertificates(d)) > 0 {
+ log.Printf("[INFO][%s] Skipping automatic certificate management because one or more matching certificates are already loaded", d)
continue
}
domainsForCerts = append(domainsForCerts, d)
diff --git a/modules/caddytls/tls.go b/modules/caddytls/tls.go
index bbcf61e..99d3a5f 100644
--- a/modules/caddytls/tls.go
+++ b/modules/caddytls/tls.go
@@ -200,10 +200,10 @@ func (t *TLS) getAutomationPolicyForName(name string) AutomationPolicy {
return AutomationPolicy{Management: new(ACMEManagerMaker)}
}
-// CertificatesWithSAN returns the list of all certificates
-// in the cache the match the given SAN value.
-func (t *TLS) CertificatesWithSAN(san string) []certmagic.Certificate {
- return t.certCache.CertificatesWithSAN(san)
+// CertificatesForSAN returns the list of all certificates in
+// the cache which could be used to satisfy the given SAN.
+func (t *TLS) AllMatchingCertificates(san string) []certmagic.Certificate {
+ return t.certCache.AllMatchingCertificates(san)
}
// CertificateLoader is a type that can load certificates.