diff options
author | Matthew Holt <mholt@users.noreply.github.com> | 2019-09-13 11:46:58 -0600 |
---|---|---|
committer | Matthew Holt <mholt@users.noreply.github.com> | 2019-09-13 11:46:58 -0600 |
commit | 839507e24e4d8d2d8052335fafb110513865efc0 (patch) | |
tree | fc9346b81193bc38af38b3a86cc3904be1873401 /modules | |
parent | 833d67446f14e88c2888db2c3796568fd00bae7a (diff) |
http: Consider wildcards when evaluating automatic HTTPS
Diffstat (limited to 'modules')
-rw-r--r-- | modules/caddyhttp/caddyhttp.go | 4 | ||||
-rw-r--r-- | modules/caddytls/tls.go | 8 |
2 files changed, 6 insertions, 6 deletions
diff --git a/modules/caddyhttp/caddyhttp.go b/modules/caddyhttp/caddyhttp.go index b6a8148..c044a9b 100644 --- a/modules/caddyhttp/caddyhttp.go +++ b/modules/caddyhttp/caddyhttp.go @@ -313,8 +313,8 @@ func (app *App) automaticHTTPS() error { // don't obtain another one for it, unless we are // supposed to ignore loaded certificates if !srv.AutoHTTPS.IgnoreLoadedCerts && - len(tlsApp.CertificatesWithSAN(d)) > 0 { - log.Printf("[INFO][%s] Skipping automatic certificate management because a certificate with that SAN is already loaded", d) + len(tlsApp.AllMatchingCertificates(d)) > 0 { + log.Printf("[INFO][%s] Skipping automatic certificate management because one or more matching certificates are already loaded", d) continue } domainsForCerts = append(domainsForCerts, d) diff --git a/modules/caddytls/tls.go b/modules/caddytls/tls.go index bbcf61e..99d3a5f 100644 --- a/modules/caddytls/tls.go +++ b/modules/caddytls/tls.go @@ -200,10 +200,10 @@ func (t *TLS) getAutomationPolicyForName(name string) AutomationPolicy { return AutomationPolicy{Management: new(ACMEManagerMaker)} } -// CertificatesWithSAN returns the list of all certificates -// in the cache the match the given SAN value. -func (t *TLS) CertificatesWithSAN(san string) []certmagic.Certificate { - return t.certCache.CertificatesWithSAN(san) +// CertificatesForSAN returns the list of all certificates in +// the cache which could be used to satisfy the given SAN. +func (t *TLS) AllMatchingCertificates(san string) []certmagic.Certificate { + return t.certCache.AllMatchingCertificates(san) } // CertificateLoader is a type that can load certificates. |