From 839507e24e4d8d2d8052335fafb110513865efc0 Mon Sep 17 00:00:00 2001
From: Matthew Holt
Date: Fri, 13 Sep 2019 11:46:58 -0600
Subject: http: Consider wildcards when evaluating automatic HTTPS
---
 modules/caddyhttp/caddyhttp.go | 4 ++--
 modules/caddytls/tls.go | 8 ++++----
 2 files changed, 6 insertions(+), 6 deletions(-)
(limited to 'modules')
diff --git a/modules/caddyhttp/caddyhttp.go b/modules/caddyhttp/caddyhttp.go
index b6a8148..c044a9b 100644
--- a/modules/caddyhttp/caddyhttp.go
+++ b/modules/caddyhttp/caddyhttp.go
@@ -313,8 +313,8 @@ func (app *App) automaticHTTPS() error {
 // don't obtain another one for it, unless we are
 // supposed to ignore loaded certificates
 if !srv.AutoHTTPS.IgnoreLoadedCerts &&
- len(tlsApp.CertificatesWithSAN(d)) > 0 {
- log.Printf("[INFO][%s] Skipping automatic certificate management because a certificate with that SAN is already loaded", d)
+ len(tlsApp.AllMatchingCertificates(d)) > 0 {
+ log.Printf("[INFO][%s] Skipping automatic certificate management because one or more matching certificates are already loaded", d)
 continue
 }
 domainsForCerts = append(domainsForCerts, d)
diff --git a/modules/caddytls/tls.go b/modules/caddytls/tls.go
index bbcf61e..99d3a5f 100644
--- a/modules/caddytls/tls.go
+++ b/modules/caddytls/tls.go
@@ -200,10 +200,10 @@ func (t *TLS) getAutomationPolicyForName(name string) AutomationPolicy {
 return AutomationPolicy{Management: new(ACMEManagerMaker)}
 }
 
-// CertificatesWithSAN returns the list of all certificates
-// in the cache the match the given SAN value.
-func (t *TLS) CertificatesWithSAN(san string) []certmagic.Certificate {
- return t.certCache.CertificatesWithSAN(san)
+// CertificatesForSAN returns the list of all certificates in
+// the cache which could be used to satisfy the given SAN.
+func (t *TLS) AllMatchingCertificates(san string) []certmagic.Certificate {
+ return t.certCache.AllMatchingCertificates(san)
 }
 
 // CertificateLoader is a type that can load certificates.
-- 
cgit v1.2.3
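Review bot: In automaticHTTPS (modules/caddyhttp/caddyhttp.go) the widened guard `len(tlsApp.AllMatchingCertificates(d)) > 0` opts `d` out of managed issuance as soon as any cached certificate matches, now including wildcards, and nothing visible in the hunk checks that the matching certificate is unexpired or otherwise usable. If AllMatchingCertificates does not filter on validity (its implementation is not part of this diff), a stale manually loaded wildcard would quietly leave every matching subdomain without certificate management. Consider filtering the returned slice on expiry before the `continue`, and document the decision in place, e.g. `// any loaded cert that matches d, wildcard included, opts d out of management`. The log line could also say whether the match was a wildcard, so an operator can tell from the log why a name was skipped. The function body starts and ends outside the hunk.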
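Review bot: The doc comment on the renamed method in modules/caddytls/tls.go opens with `CertificatesForSAN`, which is neither the old nor the new identifier; it should read `// AllMatchingCertificates returns the list of all certificates in` so godoc and linters attach it to the method. The comment should also say explicitly that wildcard certificates count as a match, because the caller in automaticHTTPS relies on that to decide whether to skip certificate management. Dropping the exported `CertificatesWithSAN` is a breaking change for any caller outside this diff; a thin wrapper marked `// Deprecated:` would keep such callers compiling if compatibility matters here.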