diff options
| author | Matt Holt <[email protected]> | 2024-04-30 16:15:54 -0600 |
|---|---|---|
| committer | GitHub <[email protected]> | 2024-04-30 16:15:54 -0600 |
| commit | d129ae6aec6af2182217ee8a235f4df8cd2bbfde (patch) | |
| tree | f64a68167b215ac3a3140736addf3f7a12e1d393 /listen_unix_setopt.go | |
| parent | 87c7127c286982fb302bf88cc1689fafacba12fb (diff) | |
| download | caddy-d129ae6aec6af2182217ee8a235f4df8cd2bbfde.tar.gz caddy-d129ae6aec6af2182217ee8a235f4df8cd2bbfde.zip | |
caddytls: Evict internal certs from cache based on issuer (#6266)v2.8.0-beta.1
* caddytls: Evict internal certs from cache based on issuer
During a config reload, we would keep certs in the cache fi they were used by the next config. If one config uses InternalIssuer and the other uses a public CA, this behavior is problematic / unintuitive, because there is a big difference between private/public CAs.
This change should ensure that internal issuers are considered when deciding whether to keep or evict from the cache during a reload, by making them distinct from each other and certs from public CAs.
* Make sure new TLS app manages configured certs
* Actually make it work
Diffstat (limited to 'listen_unix_setopt.go')
0 files changed, 0 insertions, 0 deletions