fillInACMEIssuer fills in default values into acmeIssuer that are defined in app; these values at time of writing are just app.HTTPPort and app.HTTPSPort, which are used by ACMEIssuer. Sure, we could just use the global/CertMagic defaults, but if a user has configured those ports in the HTTP app, it
(acmeIssuer *caddytls.ACMEIssuer)
// fillInACMEIssuer copies the HTTP app's port settings into
// acmeIssuer as defaults for its ACME challenges: app.HTTPPort
// becomes the HTTP challenge's alternate port and app.HTTPSPort
// becomes the TLS-ALPN challenge's alternate port. A port that
// is not set (<= 0) in app is skipped, and an alternate port
// that is already non-zero on the issuer is treated as explicit
// config and left untouched. acmeIssuer is modified in place
// and is always provisioned before returning, whether or not
// anything was changed; the result of Provision is returned.
// acmeIssuer must not be nil.
//
// NOTE(review): the alternate ports presumably change only where
// this server answers the challenge, not which port the CA
// connects to; if so, whatever forwards the standard challenge
// ports to these values is part of the validation path --
// confirm against the caddytls challenge config docs.
func (app *App) fillInACMEIssuer(acmeIssuer *caddytls.ACMEIssuer) error {
	httpPort, httpsPort := app.HTTPPort, app.HTTPSPort

	// the challenges container is only needed when there is
	// at least one port to inherit from the HTTP app
	if (httpPort > 0 || httpsPort > 0) && acmeIssuer.Challenges == nil {
		acmeIssuer.Challenges = new(caddytls.ChallengesConfig)
	}

	if httpPort > 0 {
		challenges := acmeIssuer.Challenges
		if challenges.HTTP == nil {
			challenges.HTTP = new(caddytls.HTTPChallengeConfig)
		}
		// a non-zero port is explicit config and takes precedence
		if challenges.HTTP.AlternatePort == 0 {
			challenges.HTTP.AlternatePort = httpPort
		}
	}

	if httpsPort > 0 {
		challenges := acmeIssuer.Challenges
		if challenges.TLSALPN == nil {
			challenges.TLSALPN = new(caddytls.TLSALPNChallengeConfig)
		}
		// a non-zero port is explicit config and takes precedence
		if challenges.TLSALPN.AlternatePort == 0 {
			challenges.TLSALPN.AlternatePort = httpsPort
		}
	}

	// provisioning is unconditional: the issuer may be new and
	// not provisioned yet, and an issuer that never gets
	// provisioned keeps its Agree field false, which causes
	// problems later on
	return acmeIssuer.Provision(app.ctx)
}
| 858 | |
| 859 | // automaticHTTPSPhase2 begins certificate management for |
| 860 | // all names in the qualifying domain set for each server. |