aboutsummaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorMatthew Holt <[email protected]>2024-05-11 21:39:44 -0600
committerMatthew Holt <[email protected]>2024-05-11 21:39:56 -0600
commit583c585c81ac4bcf94fb2046b695f64a83b41cf7 (patch)
tree6877b6ec1e440114b3385e9f36a27d14102ca2d2
parent4356635d123ee71b72654738a0c30653a3a29d98 (diff)
downloadcaddy-583c585c81ac4bcf94fb2046b695f64a83b41cf7.tar.gz
caddy-583c585c81ac4bcf94fb2046b695f64a83b41cf7.zip
httpcaddyfile: Set challenge ports when http_port or https_port are used
-rw-r--r--caddyconfig/httpcaddyfile/tlsapp.go20
-rw-r--r--caddytest/integration/caddyfile_adapt/global_options_acme.caddyfiletest8
2 files changed, 27 insertions, 1 deletions
diff --git a/caddyconfig/httpcaddyfile/tlsapp.go b/caddyconfig/httpcaddyfile/tlsapp.go
index f1ee1e863..f69e2c54a 100644
--- a/caddyconfig/httpcaddyfile/tlsapp.go
+++ b/caddyconfig/httpcaddyfile/tlsapp.go
@@ -457,6 +457,7 @@ func fillInGlobalACMEDefaults(issuer certmagic.Issuer, options map[string]any) e
globalACMEEAB := options["acme_eab"]
globalPreferredChains := options["preferred_chains"]
globalCertLifetime := options["cert_lifetime"]
+ globalHTTPPort, globalHTTPSPort := options["http_port"], options["https_port"]
if globalEmail != nil && acmeIssuer.Email == "" {
acmeIssuer.Email = globalEmail.(string)
@@ -480,7 +481,24 @@ func fillInGlobalACMEDefaults(issuer certmagic.Issuer, options map[string]any) e
if globalPreferredChains != nil && acmeIssuer.PreferredChains == nil {
acmeIssuer.PreferredChains = globalPreferredChains.(*caddytls.ChainPreference)
}
-
+ if globalHTTPPort != nil && (acmeIssuer.Challenges == nil || acmeIssuer.Challenges.HTTP == nil || acmeIssuer.Challenges.HTTP.AlternatePort == 0) {
+ if acmeIssuer.Challenges == nil {
+ acmeIssuer.Challenges = new(caddytls.ChallengesConfig)
+ }
+ if acmeIssuer.Challenges.HTTP == nil {
+ acmeIssuer.Challenges.HTTP = new(caddytls.HTTPChallengeConfig)
+ }
+ acmeIssuer.Challenges.HTTP.AlternatePort = globalHTTPPort.(int)
+ }
+ if globalHTTPSPort != nil && (acmeIssuer.Challenges == nil || acmeIssuer.Challenges.TLSALPN == nil || acmeIssuer.Challenges.TLSALPN.AlternatePort == 0) {
+ if acmeIssuer.Challenges == nil {
+ acmeIssuer.Challenges = new(caddytls.ChallengesConfig)
+ }
+ if acmeIssuer.Challenges.TLSALPN == nil {
+ acmeIssuer.Challenges.TLSALPN = new(caddytls.TLSALPNChallengeConfig)
+ }
+ acmeIssuer.Challenges.TLSALPN.AlternatePort = globalHTTPSPort.(int)
+ }
if globalCertLifetime != nil && acmeIssuer.CertificateLifetime == 0 {
acmeIssuer.CertificateLifetime = globalCertLifetime.(caddy.Duration)
}
diff --git a/caddytest/integration/caddyfile_adapt/global_options_acme.caddyfiletest b/caddytest/integration/caddyfile_adapt/global_options_acme.caddyfiletest
index f51779253..bc4b6dcaf 100644
--- a/caddytest/integration/caddyfile_adapt/global_options_acme.caddyfiletest
+++ b/caddytest/integration/caddyfile_adapt/global_options_acme.caddyfiletest
@@ -63,6 +63,14 @@
"issuers": [
{
"ca": "https://example.com",
+ "challenges": {
+ "http": {
+ "alternate_port": 8080
+ },
+ "tls-alpn": {
+ "alternate_port": 8443
+ }
+ },
"email": "[email protected]",
"external_account": {
"key_id": "4K2scIVbBpNd-78scadB2g",