diff options
author | Matthew Holt <[email protected]> | 2024-06-28 12:15:41 -0600 |
---|---|---|
committer | Matthew Holt <[email protected]> | 2024-06-28 12:15:41 -0600 |
commit | f8861ca16bd475e8519e7dbf5a2b55e81b329874 (patch) | |
tree | a4828e695d2c0e4deeac1977185dbcf11e487952 | |
parent | c2ccf8690f315aa0ebab930c3aadcc6cd11fc9e9 (diff) | |
download | caddy-f8861ca16bd475e8519e7dbf5a2b55e81b329874.tar.gz caddy-f8861ca16bd475e8519e7dbf5a2b55e81b329874.zip |
reverseproxy: Wire up TLS options for H3 transport
-rw-r--r-- | modules/caddyhttp/reverseproxy/httptransport.go | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/modules/caddyhttp/reverseproxy/httptransport.go b/modules/caddyhttp/reverseproxy/httptransport.go index 80a498066..d42453684 100644 --- a/modules/caddyhttp/reverseproxy/httptransport.go +++ b/modules/caddyhttp/reverseproxy/httptransport.go @@ -363,6 +363,13 @@ func (h *HTTPTransport) NewTransport(caddyCtx caddy.Context) (*http.Transport, e // site owners control the backends), so it must be exclusive if len(h.Versions) == 1 && h.Versions[0] == "3" { h.h3Transport = new(http3.RoundTripper) + if h.TLS != nil { + var err error + h.h3Transport.TLSClientConfig, err = h.TLS.MakeTLSClientConfig(caddyCtx) + if err != nil { + return nil, fmt.Errorf("making TLS client config for HTTP/3 transport: %v", err) + } + } } else if len(h.Versions) > 1 && sliceContains(h.Versions, "3") { return nil, fmt.Errorf("if HTTP/3 is enabled to the upstream, no other HTTP versions are supported") } |