From 0a3efd1641f07ceaa2035cedec1ba43448b2d520 Mon Sep 17 00:00:00 2001 From: Matthew Holt Date: Mon, 30 Jan 2023 09:30:53 -0700 Subject: caddytls: Debug log for ask endpoint --- modules/caddytls/acmeissuer.go | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) (limited to 'modules/caddytls/acmeissuer.go') diff --git a/modules/caddytls/acmeissuer.go b/modules/caddytls/acmeissuer.go index 12e300e..ca79981 100644 --- a/modules/caddytls/acmeissuer.go +++ b/modules/caddytls/acmeissuer.go @@ -495,7 +495,7 @@ func (iss *ACMEIssuer) UnmarshalCaddyfile(d *caddyfile.Dispenser) error { // to see if a certificate can be obtained for name. // The certificate request should be denied if this // returns an error. -func onDemandAskRequest(ask string, name string) error { +func onDemandAskRequest(logger *zap.Logger, ask string, name string) error { askURL, err := url.Parse(ask) if err != nil { return fmt.Errorf("parsing ask URL: %v", err) @@ -504,13 +504,19 @@ func onDemandAskRequest(ask string, name string) error { qs.Set("domain", name) askURL.RawQuery = qs.Encode() - resp, err := onDemandAskClient.Get(askURL.String()) + askURLString := askURL.String() + resp, err := onDemandAskClient.Get(askURLString) if err != nil { return fmt.Errorf("error checking %v to determine if certificate for hostname '%s' should be allowed: %v", ask, name, err) } resp.Body.Close() + logger.Debug("response from ask endpoint", + zap.String("domain", name), + zap.String("url", askURLString), + zap.Int("status", resp.StatusCode)) + if resp.StatusCode < 200 || resp.StatusCode > 299 { return fmt.Errorf("%s: %w %s - non-2xx status code %d", name, errAskDenied, ask, resp.StatusCode) } -- cgit v1.2.3