Skip to content

Commit

Permalink
Make changes to fix issue 13
Browse files Browse the repository at this point in the history
  • Loading branch information
@pieterlouw
pieterlouw committed Jan 11, 2019
1 parent afb7432 commit fa07d81
Showing 1 changed file with 20 additions and 6 deletions.
26 changes: 20 additions & 6 deletions caddynet/netserver/tls.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ import (

"github.com/mholt/caddy"
"github.com/mholt/caddy/caddytls"
"github.com/mholt/certmagic"
)

// activateTLS
Expand All @@ -30,7 +31,7 @@ func activateTLS(cctx caddy.Context) error {
// 3. Calls ObtainCert() for each config (this method only obtains certificates if the config qualifies and has its Managed field set to true).
// place certificates and keys on disk
for _, c := range ctx.configs {
err := c.TLS.ObtainCert(c.TLS.Hostname, operatorPresent)
err := c.TLS.Manager.ObtainCert(c.TLS.Hostname, operatorPresent)
if err != nil {
return err
}
Expand All @@ -44,8 +45,8 @@ func activateTLS(cctx caddy.Context) error {
continue
}
cfg.TLS.Enabled = true
if caddytls.HostQualifies(cfg.Hostname) {
_, err := cfg.TLS.CacheManagedCertificate(cfg.Hostname)
if certmagic.HostQualifies(cfg.Hostname) {
_, err := cfg.TLS.Manager.CacheManagedCertificate(cfg.Hostname)
if err != nil {
return err
}
Expand All @@ -61,9 +62,22 @@ func activateTLS(cctx caddy.Context) error {
// renew all relevant certificates that need renewal. this is important
// to do right away so we guarantee that renewals aren't missed, and
// also the user can respond to any potential errors that occur.
err := caddytls.RenewManagedCertificates(true)
if err != nil {
return err

// renew all relevant certificates that need renewal. this is important
// to do right away so we guarantee that renewals aren't missed, and
// also the user can respond to any potential errors that occur.
// (skip if upgrading, because the parent process is likely already listening
// on the ports we'd need to do ACME before we finish starting; parent process
// already running renewal ticker, so renewal won't be missed anyway.)
if !caddy.IsUpgrade() {
ctx.instance.StorageMu.RLock()
certCache, ok := ctx.instance.Storage[caddytls.CertCacheInstStorageKey].(*certmagic.Cache)
ctx.instance.StorageMu.RUnlock()
if ok && certCache != nil {
if err := certCache.RenewManagedCertificates(operatorPresent); err != nil {
return err
}
}
}

if !caddy.Quiet && operatorPresent {
Expand Down

0 comments on commit fa07d81

Please sign in to comment.