summaryrefslogtreecommitdiff
path: root/modules/caddytls/acmeissuer.go
diff options
context:
space:
mode:
Diffstat (limited to 'modules/caddytls/acmeissuer.go')
-rw-r--r--modules/caddytls/acmeissuer.go19
1 files changed, 9 insertions, 10 deletions
diff --git a/modules/caddytls/acmeissuer.go b/modules/caddytls/acmeissuer.go
index 09b31bf..9552d6f 100644
--- a/modules/caddytls/acmeissuer.go
+++ b/modules/caddytls/acmeissuer.go
@@ -85,9 +85,11 @@ type ACMEIssuer struct {
PreferredChains *ChainPreference `json:"preferred_chains,omitempty"`
rootPool *x509.CertPool
- template certmagic.ACMEIssuer
- magic *certmagic.Config
logger *zap.Logger
+
+ template certmagic.ACMEIssuer // set at Provision
+ magic *certmagic.Config // set at PreCheck
+ issuer *certmagic.ACMEIssuer // set at PreCheck; result of template + magic
}
// CaddyModule returns the Caddy module information.
@@ -217,30 +219,27 @@ func (iss *ACMEIssuer) makeIssuerTemplate() (certmagic.ACMEIssuer, error) {
// the ConfigSetter interface.
func (iss *ACMEIssuer) SetConfig(cfg *certmagic.Config) {
iss.magic = cfg
+ iss.issuer = certmagic.NewACMEIssuer(cfg, iss.template)
}
-// TODO: I kind of hate how each call to these methods needs to
-// make a new ACME manager to fill in defaults before using; can
-// we find the right place to do that just once and then re-use?
-
// PreCheck implements the certmagic.PreChecker interface.
func (iss *ACMEIssuer) PreCheck(ctx context.Context, names []string, interactive bool) error {
- return certmagic.NewACMEIssuer(iss.magic, iss.template).PreCheck(ctx, names, interactive)
+ return iss.issuer.PreCheck(ctx, names, interactive)
}
// Issue obtains a certificate for the given csr.
func (iss *ACMEIssuer) Issue(ctx context.Context, csr *x509.CertificateRequest) (*certmagic.IssuedCertificate, error) {
- return certmagic.NewACMEIssuer(iss.magic, iss.template).Issue(ctx, csr)
+ return iss.issuer.Issue(ctx, csr)
}
// IssuerKey returns the unique issuer key for the configured CA endpoint.
func (iss *ACMEIssuer) IssuerKey() string {
- return certmagic.NewACMEIssuer(iss.magic, iss.template).IssuerKey()
+ return iss.issuer.IssuerKey()
}
// Revoke revokes the given certificate.
func (iss *ACMEIssuer) Revoke(ctx context.Context, cert certmagic.CertificateResource, reason int) error {
- return certmagic.NewACMEIssuer(iss.magic, iss.template).Revoke(ctx, cert, reason)
+ return iss.issuer.Revoke(ctx, cert, reason)
}
// GetACMEIssuer returns iss. This is useful when other types embed ACMEIssuer, because
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-03 19:38:40 +0000