summaryrefslogtreecommitdiff
path: root/caddyconfig/httpcaddyfile/builtins.go
diff options
context:
space:
mode:
Diffstat (limited to 'caddyconfig/httpcaddyfile/builtins.go')
-rw-r--r--caddyconfig/httpcaddyfile/builtins.go10
1 files changed, 8 insertions, 2 deletions
diff --git a/caddyconfig/httpcaddyfile/builtins.go b/caddyconfig/httpcaddyfile/builtins.go
index 26a421c..1efe5ac 100644
--- a/caddyconfig/httpcaddyfile/builtins.go
+++ b/caddyconfig/httpcaddyfile/builtins.go
@@ -71,6 +71,7 @@ func parseTLS(h Helper) ([]ConfigValue, error) {
cp := new(caddytls.ConnectionPolicy)
var fileLoader caddytls.FileLoader
var folderLoader caddytls.FolderLoader
+ var certSelector caddytls.CustomCertSelectionPolicy
var acmeIssuer *caddytls.ACMEIssuer
var internalIssuer *caddytls.InternalIssuer
var onDemand bool
@@ -135,8 +136,8 @@ func parseTLS(h Helper) ([]ConfigValue, error) {
// remember this for next time we see this cert file
tlsCertTags[certFilename] = tag
}
- certSelector := caddytls.CustomCertSelectionPolicy{Tag: tag}
- cp.CertSelection = caddyconfig.JSONModuleObject(certSelector, "policy", "custom", h.warnings)
+ certSelector.AnyTag = append(certSelector.AnyTag, tag)
+
default:
return nil, h.ArgErr()
}
@@ -297,6 +298,11 @@ func parseTLS(h Helper) ([]ConfigValue, error) {
})
}
+ // custom certificate selection
+ if len(certSelector.AnyTag) > 0 {
+ cp.CertSelection = &certSelector
+ }
+
// connection policy -- always add one, to ensure that TLS
// is enabled, because this directive was used (this is
// needed, for instance, when a site block has a key of
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-29 08:28:03 +0000