aboutsummaryrefslogtreecommitdiffhomepage
path: root/caddytest/integration/caddyfile_adapt/global_options.caddyfiletest
diff options
context:
space:
mode:
authorMatthew Holt <[email protected]>2024-10-04 10:23:30 -0600
committerMatthew Holt <[email protected]>2024-10-04 10:23:30 -0600
commit88fd5f3491ab888f69f0be02cea68a49164298eb (patch)
treea16d7f8fa979273a4a6fc386b10dba2e9c51f4a7 /caddytest/integration/caddyfile_adapt/global_options.caddyfiletest
parent2ae58ac13e1757bccc935818879bc12a2320aea3 (diff)
downloadcaddy-88fd5f3491ab888f69f0be02cea68a49164298eb.tar.gz
caddy-88fd5f3491ab888f69f0be02cea68a49164298eb.zip
caddyhttp: Use internal issuer for IPs when no APs configured
This fixes a regression in 2.8 where IP addresses would be considered qualifying for public certs by auto-HTTPS. The default issuers do not issue IP certs at this time, so if no APs are explicitly configured, we assign them to the internal issuer. We have to add a couple lines of code because CertMagic can no longer consider IPs as not qualifying for public certs, since there are public CAs that issue IP certs. This edge case is specific to Caddy's auto-HTTPS. Without this patch, Caddy will try using Let's Encrypt or ZeroSSL's ACME endpoint to get IP certs, neither of which support that.
Diffstat (limited to 'caddytest/integration/caddyfile_adapt/global_options.caddyfiletest')
0 files changed, 0 insertions, 0 deletions