mirror of
https://github.com/caddyserver/caddy.git
synced 2025-01-24 19:25:49 +03:00
letsencrypt: Check for errors
parent
c46898592f
commit
8548641dc1
1 changed files with 9 additions and 4 deletions
|
@ -39,7 +39,7 @@ var OnRenew func() error
|
||||||
func Activate(configs []server.Config) ([]server.Config, error) {
|
func Activate(configs []server.Config) ([]server.Config, error) {
|
||||||
// First identify and configure any elligible hosts for which
|
// First identify and configure any elligible hosts for which
|
||||||
// we already have certs and keys in storage from last time.
|
// we already have certs and keys in storage from last time.
|
||||||
configLen := len(configs) // avoid infinite loop since this loop appends to the slice
|
configLen := len(configs) // avoid infinite loop since this loop appends plaintext to the slice
|
||||||
for i := 0; i < configLen; i++ {
|
for i := 0; i < configLen; i++ {
|
||||||
if existingCertAndKey(configs[i].Host) && configs[i].TLS.LetsEncryptEmail != "off" {
|
if existingCertAndKey(configs[i].Host) && configs[i].TLS.LetsEncryptEmail != "off" {
|
||||||
configs = autoConfigure(&configs[i], configs)
|
configs = autoConfigure(&configs[i], configs)
|
||||||
|
@ -238,9 +238,14 @@ func saveCertsAndKeys(certificates []acme.CertificateResource) error {
|
||||||
// autoConfigure enables TLS on cfg and appends, if necessary, a new config
|
// autoConfigure enables TLS on cfg and appends, if necessary, a new config
|
||||||
// to allConfigs that redirects plaintext HTTP to its new HTTPS counterpart.
|
// to allConfigs that redirects plaintext HTTP to its new HTTPS counterpart.
|
||||||
func autoConfigure(cfg *server.Config, allConfigs []server.Config) []server.Config {
|
func autoConfigure(cfg *server.Config, allConfigs []server.Config) []server.Config {
|
||||||
bundleBytes, _ := ioutil.ReadFile(storage.SiteCertFile(cfg.Host))
|
bundleBytes, err := ioutil.ReadFile(storage.SiteCertFile(cfg.Host))
|
||||||
ocsp, _ := acme.GetOCSPForCert(bundleBytes)
|
// TODO: Handle these errors better
|
||||||
cfg.TLS.OCSPStaple = ocsp
|
if err == nil {
|
||||||
|
ocsp, err := acme.GetOCSPForCert(bundleBytes)
|
||||||
|
if err == nil {
|
||||||
|
cfg.TLS.OCSPStaple = ocsp
|
||||||
|
}
|
||||||
|
}
|
||||||
cfg.TLS.Certificate = storage.SiteCertFile(cfg.Host)
|
cfg.TLS.Certificate = storage.SiteCertFile(cfg.Host)
|
||||||
cfg.TLS.Key = storage.SiteKeyFile(cfg.Host)
|
cfg.TLS.Key = storage.SiteKeyFile(cfg.Host)
|
||||||
cfg.TLS.Enabled = true
|
cfg.TLS.Enabled = true
|
||||||
|
|
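Review bot: In autoConfigure, both new `if err == nil` branches drop the error without any record, so a site whose certificate bundle cannot be read, or whose OCSP fetch fails, is still marked `cfg.TLS.Enabled = true` and served without a staple, with nothing telling the operator. Since the function returns only `[]server.Config` and cannot propagate the error, resolving the TODO should at least add an else branch that logs, e.g. `log.Printf("letsencrypt: no OCSP staple for %s: %v", cfg.Host, err)` (assuming `log` is available in this file). The inner `ocsp, err := acme.GetOCSPForCert(bundleBytes)` also shadows the outer `err`, which is harmless here but easy to trip over once the outer error is actually handled. Whether GetOCSPForCert rejects a response whose status is not good is not visible in this hunk; if it does not, that check belongs before the assignment to `cfg.TLS.OCSPStaple`. The function body continues past the end of the hunk.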