summaryrefslogtreecommitdiff
path: root/modules/caddytls
diff options
context:
space:
mode:
Diffstat (limited to 'modules/caddytls')
-rw-r--r--modules/caddytls/acmeissuer.go6
1 files changed, 6 insertions, 0 deletions
diff --git a/modules/caddytls/acmeissuer.go b/modules/caddytls/acmeissuer.go
index b73b34f..6466229 100644
--- a/modules/caddytls/acmeissuer.go
+++ b/modules/caddytls/acmeissuer.go
@@ -74,6 +74,11 @@ type ACMEIssuer struct {
// is internal or for development/testing purposes.
TrustedRootsPEMFiles []string `json:"trusted_roots_pem_files,omitempty"`
+ // List of preferred certificate chains, by issuer's CommonName. If empty,
+ // or if no matching chain is found, the first chain offered by the server
+ // will be used.
+ PreferredChains []string `json:"preferred_chains,omitempty"`
+
rootPool *x509.CertPool
template certmagic.ACMEManager
magic *certmagic.Config
@@ -149,6 +154,7 @@ func (iss *ACMEIssuer) makeIssuerTemplate() (certmagic.ACMEManager, error) {
CertObtainTimeout: time.Duration(iss.ACMETimeout),
TrustedRoots: iss.rootPool,
ExternalAccount: iss.ExternalAccount,
+ PreferredChains: iss.PreferredChains,
Logger: iss.logger,
}