summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--caddyconfig/httpcaddyfile/tlsapp.go5
-rw-r--r--caddytest/integration/caddyfile_adapt/global_options.txt7
2 files changed, 10 insertions, 2 deletions
diff --git a/caddyconfig/httpcaddyfile/tlsapp.go b/caddyconfig/httpcaddyfile/tlsapp.go
index 48506d8..daaec95 100644
--- a/caddyconfig/httpcaddyfile/tlsapp.go
+++ b/caddyconfig/httpcaddyfile/tlsapp.go
@@ -301,6 +301,11 @@ func (st ServerType) buildTLSApp(
tlsApp.Automation.RenewCheckInterval = renewCheckInterval
}
+ // set whether OCSP stapling should be disabled for manually-managed certificates
+ if ocspConfig, ok := options["ocsp_stapling"].(certmagic.OCSPConfig); ok {
+ tlsApp.DisableOCSPStapling = ocspConfig.DisableStapling
+ }
+
// if any hostnames appear on the same server block as a key with
// no host, they will not be used with route matchers because the
// hostless key matches all hosts, therefore, it wouldn't be
diff --git a/caddytest/integration/caddyfile_adapt/global_options.txt b/caddytest/integration/caddyfile_adapt/global_options.txt
index dda644b..69e2d9d 100644
--- a/caddytest/integration/caddyfile_adapt/global_options.txt
+++ b/caddytest/integration/caddyfile_adapt/global_options.txt
@@ -10,6 +10,7 @@
}
acme_ca https://example.com
acme_ca_root /path/to/ca.crt
+ ocsp_stapling off
email test@example.com
admin off
@@ -61,7 +62,8 @@
"module": "internal"
}
],
- "key_type": "ed25519"
+ "key_type": "ed25519",
+ "disable_ocsp_stapling": true
}
],
"on_demand": {
@@ -71,7 +73,8 @@
},
"ask": "https://example.com"
}
- }
+ },
+ "disable_ocsp_stapling": true
}
}
}