caddytls: Reuse certificate cache through reloads (#5623)

* caddytls: Don't purge cert cache on config reload * Update CertMagic This actually avoids reloading managed certs from storage when already in the cache, d'oh. * Fix bug; re-implement HasCertificateForSubject * Update go.mod: CertMagic tag
author: Matt Holt <[email protected]> 2023-07-11 13:10:58 -0600
committer: GitHub <[email protected]> 2023-07-11 19:10:58 +0000
commit: 0e2c7e1d35b287fc0e56d6db2951f791e09b5a37 (patch)
tree: 3669f5d01fa351bda933d3796c50a72da9942a01 /modules/caddyhttp/reverseproxy/httptransport.go
parent: 7ceef91295343237f5b81ed00e3ba7e8e594d603 (diff)
download: caddy-0e2c7e1d35b287fc0e56d6db2951f791e09b5a37.tar.gz
caddy-0e2c7e1d35b287fc0e56d6db2951f791e09b5a37.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/modules/caddyhttp/reverseproxy/httptransport.go b/modules/caddyhttp/reverseproxy/httptransport.go
index 1135862a8..8334f25ad 100644
--- a/modules/caddyhttp/reverseproxy/httptransport.go
+++ b/modules/caddyhttp/reverseproxy/httptransport.go
@@ -525,7 +525,7 @@ func (t TLSConfig) MakeTLSClientConfig(ctx caddy.Context) (*tls.Config, error) {
 			return nil, fmt.Errorf("managing client certificate: %v", err)
 		}
 		cfg.GetClientCertificate = func(cri *tls.CertificateRequestInfo) (*tls.Certificate, error) {
-			certs := tlsApp.AllMatchingCertificates(t.ClientCertificateAutomate)
+			certs := caddytls.AllMatchingCertificates(t.ClientCertificateAutomate)
 			var err error
 			for _, cert := range certs {
 				err = cri.SupportsCertificate(&cert.Certificate)
author	Matt Holt <[email protected]>	2023-07-11 13:10:58 -0600
committer	GitHub <[email protected]>	2023-07-11 19:10:58 +0000
commit	0e2c7e1d35b287fc0e56d6db2951f791e09b5a37 (patch)
tree	3669f5d01fa351bda933d3796c50a72da9942a01 /modules/caddyhttp/reverseproxy/httptransport.go
parent	7ceef91295343237f5b81ed00e3ba7e8e594d603 (diff)
download	caddy-0e2c7e1d35b287fc0e56d6db2951f791e09b5a37.tar.gz caddy-0e2c7e1d35b287fc0e56d6db2951f791e09b5a37.zip