summaryrefslogtreecommitdiff
path: root/caddyconfig/httpcaddyfile
diff options
context:
space:
mode:
Diffstat (limited to 'caddyconfig/httpcaddyfile')
-rw-r--r--caddyconfig/httpcaddyfile/builtins.go15
-rw-r--r--caddyconfig/httpcaddyfile/tlsapp.go4
2 files changed, 19 insertions, 0 deletions
diff --git a/caddyconfig/httpcaddyfile/builtins.go b/caddyconfig/httpcaddyfile/builtins.go
index 7d16da1..08dfa88 100644
--- a/caddyconfig/httpcaddyfile/builtins.go
+++ b/caddyconfig/httpcaddyfile/builtins.go
@@ -87,6 +87,7 @@ func parseTLS(h Helper) ([]ConfigValue, error) {
var folderLoader caddytls.FolderLoader
var certSelector caddytls.CustomCertSelectionPolicy
var acmeIssuer *caddytls.ACMEIssuer
+ var keyType string
var internalIssuer *caddytls.InternalIssuer
var issuers []certmagic.Issuer
var onDemand bool
@@ -267,6 +268,13 @@ func parseTLS(h Helper) ([]ConfigValue, error) {
}
acmeIssuer.CA = arg[0]
+ case "key_type":
+ arg := h.RemainingArgs()
+ if len(arg) != 1 {
+ return nil, h.ArgErr()
+ }
+ keyType = arg[0]
+
case "eab":
arg := h.RemainingArgs()
if len(arg) != 2 {
@@ -384,6 +392,13 @@ func parseTLS(h Helper) ([]ConfigValue, error) {
})
}
+ if keyType != "" {
+ configVals = append(configVals, ConfigValue{
+ Class: "tls.key_type",
+ Value: keyType,
+ })
+ }
+
// on-demand TLS
if onDemand {
configVals = append(configVals, ConfigValue{
diff --git a/caddyconfig/httpcaddyfile/tlsapp.go b/caddyconfig/httpcaddyfile/tlsapp.go
index 440c447..a66146d 100644
--- a/caddyconfig/httpcaddyfile/tlsapp.go
+++ b/caddyconfig/httpcaddyfile/tlsapp.go
@@ -108,6 +108,10 @@ func (st ServerType) buildTLSApp(
ap.OnDemand = true
}
+ if keyTypeVals, ok := sblock.pile["tls.key_type"]; ok {
+ ap.KeyType = keyTypeVals[0].Value.(string)
+ }
+
// certificate issuers
if issuerVals, ok := sblock.pile["tls.cert_issuer"]; ok {
var issuers []certmagic.Issuer