MCPcopy
hub / github.com/caddyserver/caddy / subjectQualifiesForPublicCert

Function subjectQualifiesForPublicCert

caddyconfig/httpcaddyfile/tlsapp.go:1125–1129  ·  view source on GitHub ↗

subjectQualifiesForPublicCert is like certmagic.SubjectQualifiesForPublicCert() except that this allows domains with multiple wildcard levels like '*.*.example.com' to qualify if the automation policy has OnDemand enabled (i.e. this function is more lenient). IP subjects are considered as non-quali

(ap *caddytls.AutomationPolicy, subj string)

Source from the content-addressed store, hash-verified

1123// not qualifying for public certificates. Users should expressly configure an issuer
1124// that supports IP certs for that purpose.
1125func subjectQualifiesForPublicCert(ap *caddytls.AutomationPolicy, subj string) bool {
1126 return !certmagic.SubjectIsIP(subj) &&
1127 !certmagic.SubjectIsInternal(subj) &&
1128 (strings.Count(subj, "*.") < 2 || ap.OnDemand)
1129}
1130
1131func automationPoliciesHaveSameIssuers(a, b *caddytls.AutomationPolicy) bool {
1132 if reflect.DeepEqual(a.IssuersRaw, b.IssuersRaw) {

Callers 3

buildTLSAppMethod · 0.85

Calls

no outgoing calls

Tested by

no test coverage detected