New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

tls: Add support for the tls-alpn-01 challenge #2201

Merged
merged 5 commits into from Dec 6, 2018

Conversation

Projects
None yet
1 participant
@mholt
Copy link
Owner

mholt commented Jun 14, 2018

Also updates lego/acme to a newer commit on master.

1. What does this change do, exactly?

Adds the TLS-ALPN challenge, which is on by default and uses port 443. Replaces the previously-removed TLS-SNI challenge.

Supports distributed solving just like the HTTP-01 challenge, when used in a fleet configuration. The only requirement is sharing the $CADDYPATH/.acme folder.

2. Please link to the relevant issues.

(None)

3. Which documentation changes (if any) need to be made because of this PR?

Update the Automatic HTTPS, CLI, and tls docs pages to talk about TLS-ALPN instead of TLS-SNI.

4. Checklist

  • I have written tests and verified that they fail without my change
  • I have squashed any insignificant commits
  • This change has comments for package types, values, functions, and non-obvious lines of code
  • I am willing to help maintain this change if there are issues with it later
  • Make TLS-ALPN challenge solvable when in a cluster
tls: Add support for the tls-alpn-01 challenge
Also updates lego/acme to latest on master.

TODO: This implementation of the tls-alpn challenge is not yet solvable
in a distributed Caddy cluster like the http challenge is.

mholt added some commits Dec 6, 2018

@mholt mholt merged commit 0918898 into master Dec 6, 2018

5 checks passed

continuous-integration/appveyor/branch AppVeyor build succeeded
Details
continuous-integration/appveyor/pr AppVeyor build succeeded
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details
continuous-integration/travis-ci/push The Travis CI build passed
Details
license/cla Contributor License Agreement is signed.
Details

@mholt mholt deleted the tls-alpn-challenge branch Dec 6, 2018

virtualdxs added a commit to virtualdxs/caddy that referenced this pull request Dec 14, 2018

tls: Add support for the tls-alpn-01 challenge (mholt#2201)
* tls: Add support for the tls-alpn-01 challenge

Also updates lego/acme to latest on master.

TODO: This implementation of the tls-alpn challenge is not yet solvable
in a distributed Caddy cluster like the http challenge is.

* build: Allow building with the race detector

* tls: Support distributed solving of the TLS-ALPN-01 challenge

* Update vendor and add a todo in MITM checker
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment