github-mirror/caddy
2
0
Fork 0
mirror of https://github.com/caddyserver/caddy.git synced 2025-06-03 18:53:27 +08:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

caddytls: Reuse certificate cache through reloads (#5623)

Browse Source 
* caddytls: Don't purge cert cache on config reload

* Update CertMagic

This actually avoids reloading managed certs from storage
when already in the cache, d'oh.

* Fix bug; re-implement HasCertificateForSubject

* Update go.mod: CertMagic tag
This commit is contained in:
Matt Holt
2023-07-11 13:10:58 -06:00
committed by GitHub
parent 7ceef91295
commit 0e2c7e1d35
10 changed files with 115 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
modules/caddyhttp/reverseproxy/httptransport.go
View File

@ -525,7 +525,7 @@ func (t TLSConfig) MakeTLSClientConfig(ctx caddy.Context) (*tls.Config, error) {
return nil, fmt.Errorf("managing client certificate: %v", err)
}
cfg.GetClientCertificate = func(cri *tls.CertificateRequestInfo) (*tls.Certificate, error) {
certs := tlsApp.AllMatchingCertificates(t.ClientCertificateAutomate)
certs := caddytls.AllMatchingCertificates(t.ClientCertificateAutomate)
var err error
for _, cert := range certs {
err = cri.SupportsCertificate(&cert.Certificate)