You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When using the certmagic.OnDemandConfig does certmagic automatically clean up
certificate storage, when a domain is no longer allowed?
Example:
certmagic.Default.OnDemand=&certmagic.OnDemandConfig{
DecisionFunc: func(namestring) error {
// check in DB if name should have managed TLSisAllowed:=check(name)
if!isAllowed {
// will a previously allowed domain be cleaned up when it changes // from allowed to not allowed?returnfmt.Errorf("Not allowed: %s", name)
}
returnnil
},
}
Also, I am assuming caching does so the DecisionFunc is not call everytime when a name has been allowed.
So when a domain goes from being allowed to not allowed, is there a function or logic that must be followed
to bust the cache for that name, should I manually revoke and/or delete the certificate files?
What have you already tried?
I tried looking into the source files, but been unable to conclude the exact behavior or how it is handled with DecisionFunc
The text was updated successfully, but these errors were encountered:
We wait until some time after it expires just in case it's useful to have around for any sort of investigations but yeah, it'll be cleaned up automatically later.
Do NOT revoke certificates unless a private key has been compromised.
What is your question?
When using the
certmagic.OnDemandConfig
does certmagic automatically clean upcertificate storage, when a domain is no longer allowed?
Example:
Also, I am assuming caching does so the DecisionFunc is not call everytime when a name has been allowed.
So when a domain goes from being allowed to not allowed, is there a function or logic that must be followed
to bust the cache for that name, should I manually revoke and/or delete the certificate files?
What have you already tried?
I tried looking into the source files, but been unable to conclude the exact behavior or how it is handled with DecisionFunc
The text was updated successfully, but these errors were encountered: