aboutsummaryrefslogtreecommitdiffhomepage
path: root/modules/caddytls/acmeissuer.go
diff options
context:
space:
mode:
authorMatthew Holt <[email protected]>2023-01-30 09:30:53 -0700
committerMatthew Holt <[email protected]>2023-01-30 09:30:53 -0700
commit0a3efd1641f07ceaa2035cedec1ba43448b2d520 (patch)
tree6fd147fb8f80fedbf5648bcd9b1238aad976cb60 /modules/caddytls/acmeissuer.go
parentd73660f7c338cf4d12ba82c07e14df7f53593ea5 (diff)
downloadcaddy-0a3efd1641f07ceaa2035cedec1ba43448b2d520.tar.gz
caddy-0a3efd1641f07ceaa2035cedec1ba43448b2d520.zip
caddytls: Debug log for ask endpoint
Diffstat (limited to 'modules/caddytls/acmeissuer.go')
-rw-r--r--modules/caddytls/acmeissuer.go10
1 files changed, 8 insertions, 2 deletions
diff --git a/modules/caddytls/acmeissuer.go b/modules/caddytls/acmeissuer.go
index 12e300ed5..ca7998179 100644
--- a/modules/caddytls/acmeissuer.go
+++ b/modules/caddytls/acmeissuer.go
@@ -495,7 +495,7 @@ func (iss *ACMEIssuer) UnmarshalCaddyfile(d *caddyfile.Dispenser) error {
// to see if a certificate can be obtained for name.
// The certificate request should be denied if this
// returns an error.
-func onDemandAskRequest(ask string, name string) error {
+func onDemandAskRequest(logger *zap.Logger, ask string, name string) error {
askURL, err := url.Parse(ask)
if err != nil {
return fmt.Errorf("parsing ask URL: %v", err)
@@ -504,13 +504,19 @@ func onDemandAskRequest(ask string, name string) error {
qs.Set("domain", name)
askURL.RawQuery = qs.Encode()
- resp, err := onDemandAskClient.Get(askURL.String())
+ askURLString := askURL.String()
+ resp, err := onDemandAskClient.Get(askURLString)
if err != nil {
return fmt.Errorf("error checking %v to determine if certificate for hostname '%s' should be allowed: %v",
ask, name, err)
}
resp.Body.Close()
+ logger.Debug("response from ask endpoint",
+ zap.String("domain", name),
+ zap.String("url", askURLString),
+ zap.Int("status", resp.StatusCode))
+
if resp.StatusCode < 200 || resp.StatusCode > 299 {
return fmt.Errorf("%s: %w %s - non-2xx status code %d", name, errAskDenied, ask, resp.StatusCode)
}