tls: Make cert and OCSP check intervals configurable

This enables use of ACME CAs that issue shorter-lived certs
Matthew Holt 2019-09-24 17:04:03 -07:00
parent 11696793bd
commit 7b33c8db31
No known key found for this signature in database
GPG key ID: 2A349DD577D586A5


@ -66,6 +66,8 @@ func (t *TLS) Provision(ctx caddy.Context) error {
GetConfigForCert: func(cert certmagic.Certificate) (certmagic.Config, error) { GetConfigForCert: func(cert certmagic.Certificate) (certmagic.Config, error) {
return t.getConfigForName(cert.Names[0]) return t.getConfigForName(cert.Names[0])
}, },
OCSPCheckInterval: time.Duration(t.Automation.OCSPCheckInterval),
RenewCheckInterval: time.Duration(t.Automation.RenewCheckInterval),
}) })
// automation/management policies // automation/management policies
@ -286,8 +288,10 @@ type Certificate struct {
// AutomationConfig designates configuration for the // AutomationConfig designates configuration for the
// construction and use of ACME clients. // construction and use of ACME clients.
type AutomationConfig struct { type AutomationConfig struct {
Policies []AutomationPolicy `json:"policies,omitempty"` Policies []AutomationPolicy `json:"policies,omitempty"`
OnDemand *OnDemandConfig `json:"on_demand,omitempty"` OnDemand *OnDemandConfig `json:"on_demand,omitempty"`
OCSPCheckInterval caddy.Duration `json:"ocsp_interval,omitempty"`
RenewCheckInterval caddy.Duration `json:"renew_interval,omitempty"`
} }
// AutomationPolicy designates the policy for automating the // AutomationPolicy designates the policy for automating the
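Review bot: The two new intervals in the `Provision` hunk are converted straight from user configuration with `time.Duration(t.Automation.OCSPCheckInterval)` and `time.Duration(t.Automation.RenewCheckInterval)`, and no bounds check is visible here. A negative value, or one longer than the lifetime of the certificates or OCSP responses being managed, could leave staples stale or let certificates lapse with no error at load time; whether the certificate cache substitutes defaults for zero or negative values cannot be seen on this page. Consider rejecting bad values before the cache is built, for example `if t.Automation.OCSPCheckInterval < 0 || t.Automation.RenewCheckInterval < 0 { return fmt.Errorf("tls: check intervals must not be negative") }` (assuming `fmt` is already imported), and warning on unusually long ones. The new `AutomationConfig` fields also carry no comments; a line such as `// RenewCheckInterval is how often to scan managed certificates for renewal; keep it well below the shortest certificate lifetime.` above each would document the intent. `Provision` starts and ends outside the hunk.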