diff options
-rw-r--r-- | caddyconfig/httpcaddyfile/tlsapp.go | 5 | ||||
-rw-r--r-- | caddytest/integration/caddyfile_adapt/global_options.txt | 7 |
2 files changed, 10 insertions, 2 deletions
diff --git a/caddyconfig/httpcaddyfile/tlsapp.go b/caddyconfig/httpcaddyfile/tlsapp.go index 48506d8..daaec95 100644 --- a/caddyconfig/httpcaddyfile/tlsapp.go +++ b/caddyconfig/httpcaddyfile/tlsapp.go @@ -301,6 +301,11 @@ func (st ServerType) buildTLSApp( tlsApp.Automation.RenewCheckInterval = renewCheckInterval } + // set whether OCSP stapling should be disabled for manually-managed certificates + if ocspConfig, ok := options["ocsp_stapling"].(certmagic.OCSPConfig); ok { + tlsApp.DisableOCSPStapling = ocspConfig.DisableStapling + } + // if any hostnames appear on the same server block as a key with // no host, they will not be used with route matchers because the // hostless key matches all hosts, therefore, it wouldn't be diff --git a/caddytest/integration/caddyfile_adapt/global_options.txt b/caddytest/integration/caddyfile_adapt/global_options.txt index dda644b..69e2d9d 100644 --- a/caddytest/integration/caddyfile_adapt/global_options.txt +++ b/caddytest/integration/caddyfile_adapt/global_options.txt @@ -10,6 +10,7 @@ } acme_ca https://example.com acme_ca_root /path/to/ca.crt + ocsp_stapling off email test@example.com admin off @@ -61,7 +62,8 @@ "module": "internal" } ], - "key_type": "ed25519" + "key_type": "ed25519", + "disable_ocsp_stapling": true } ], "on_demand": { @@ -71,7 +73,8 @@ }, "ask": "https://example.com" } - } + }, + "disable_ocsp_stapling": true } } } |