[Bugfix] Fixed issue with ssl certificate renewal

mesudip · mesudip · commit 51a2640cc7da · 2020-03-19T22:31:34.000+05:45
diff --git a/README.md b/README.md
@@ -16,7 +16,7 @@ docker run  --network frontend \
             --name nginx-proxy \
             -v /var/run/docker.sock:/var/run/docker.sock:ro \
             -v /etc/ssl:/etc/ssl \
-            -v /etc/ssl/dhparam:/etc/nginx/dhparam \
+            -v /etc/nginx/dhparam:/etc/nginx/dhparam \
             -p 80:80 \
             -p 443:443 \
             -d --restart always mesudip/nginx-proxy
@@ -37,8 +37,8 @@ docker run --network frontend \
  ```
 docker run --network frontend \
           --name docker-registry \
-          -e VIRTUAL_HOST='registry.example.com/v2 -> /v2; client_max_body_size 2g' \
-          -e PROXY_BASIC_AUTH="registry.example.com -> user1:password,user2:password2,user3:password3"
+          -e VIRTUAL_HOST='https://registry.example.com/v2 -> /v2; client_max_body_size 2g' \
+          -e PROXY_BASIC_AUTH="registry.example.com -> user1:password,user2:password2,user3:password3" \
           registry:2
 ```
 
@@ -176,6 +176,8 @@ Basic Auth can be enabled on the container with environment variable `PROXY_BASI
 - `PROXY_BASIC_AUTH=user1:password1,user2:password2,user3:password3` adds basic auth feature to your configured `VIRTUAL_HOST` server root.
 - `PROXY_BASIC_AUTH=example.com/api/v1/admin -> admin1:password1,admin2:password2` adds basic auth only to the location starting from `api/v1/admin`
 
+**Note:** Basic authorization will be ignored if the container's host doesn't use `https`
+
 ## Default Server
 When request comes for a server name that is not registered in `nginx-proxy`, It responds with 503 by default.
 If you want the requested to be passed to a container instead, when setting up the container you can add `PROXY_DEFAULT_SERVER=true` environment along with `VIRTUAL_HOST`.
diff --git a/nginx_proxy/post_processors/ssl_certificate_processor.py b/nginx_proxy/post_processors/ssl_certificate_processor.py
@@ -50,6 +50,8 @@ def update_ssl_certificates(self):
                     for x in self.cache:
                         print("Remaining days :", x, ":", (self.cache[x] - now).days)
                     x = [x for x in self.cache if (self.cache[x] - now).days < 6]
+                    for host in x:
+                        del self.cache[host]
                     self.server.reload()
 
     def process_ssl_certificates(self, hosts: List[Host]):
