mirror of
https://github.com/caddyserver/caddy.git
synced 2024-12-16 21:56:40 -05:00
d692d503a3
The comments in the code should explain the new logic thoroughly. The basic problem for the issue was that we were overriding a catch-all automation policy's explicitly-configured issuer with our own, for names that we thought looked like public names. In other words, one could configure an internal issuer for all names, but then our auto HTTPS would create a new policy for public-looking names that uses the default ACME issuer, because we assume public<==>ACME and nonpublic<==>Internal, but that is not always the case. The new logic still assumes nonpublic<==>Internal (on catch-all policies only), but no longer assumes that public-looking names always use an ACME issuer. Also fix a bug where HTTPPort and HTTPSPort from the HTTP app weren't being carried through to ACME issuers properly. It required a bit of refactoring. |
||
---|---|---|
.. | ||
distributedstek | ||
standardstek | ||
acmeissuer.go | ||
automation.go | ||
certselection.go | ||
connpolicy.go | ||
fileloader.go | ||
folderloader.go | ||
internalissuer.go | ||
matchers.go | ||
matchers_test.go | ||
pemloader.go | ||
sessiontickets.go | ||
tls.go | ||
values.go |