mirror of https://github.com/caddyserver/caddy.git
caddytls: add 'key_type' subdirective (#3956)
* caddytls: add 'key_type' subdirective * Suggested change * *string -> string * test
parent
f0216967dc
commit
8b6fdc04da
|
@ -87,6 +87,7 @@ func parseTLS(h Helper) ([]ConfigValue, error) {
|
||||||
var folderLoader caddytls.FolderLoader
|
var folderLoader caddytls.FolderLoader
|
||||||
var certSelector caddytls.CustomCertSelectionPolicy
|
var certSelector caddytls.CustomCertSelectionPolicy
|
||||||
var acmeIssuer *caddytls.ACMEIssuer
|
var acmeIssuer *caddytls.ACMEIssuer
|
||||||
|
var keyType string
|
||||||
var internalIssuer *caddytls.InternalIssuer
|
var internalIssuer *caddytls.InternalIssuer
|
||||||
var issuers []certmagic.Issuer
|
var issuers []certmagic.Issuer
|
||||||
var onDemand bool
|
var onDemand bool
|
||||||
|
@ -267,6 +268,13 @@ func parseTLS(h Helper) ([]ConfigValue, error) {
|
||||||
}
|
}
|
||||||
acmeIssuer.CA = arg[0]
|
acmeIssuer.CA = arg[0]
|
||||||
|
|
||||||
|
case "key_type":
|
||||||
|
arg := h.RemainingArgs()
|
||||||
|
if len(arg) != 1 {
|
||||||
|
return nil, h.ArgErr()
|
||||||
|
}
|
||||||
|
keyType = arg[0]
|
||||||
|
|
||||||
case "eab":
|
case "eab":
|
||||||
arg := h.RemainingArgs()
|
arg := h.RemainingArgs()
|
||||||
if len(arg) != 2 {
|
if len(arg) != 2 {
|
||||||
|
@ -384,6 +392,13 @@ func parseTLS(h Helper) ([]ConfigValue, error) {
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if keyType != "" {
|
||||||
|
configVals = append(configVals, ConfigValue{
|
||||||
|
Class: "tls.key_type",
|
||||||
|
Value: keyType,
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
// on-demand TLS
|
// on-demand TLS
|
||||||
if onDemand {
|
if onDemand {
|
||||||
configVals = append(configVals, ConfigValue{
|
configVals = append(configVals, ConfigValue{
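Review bot: The new `case "key_type":` branch stores `arg[0]` without checking it against the key types the TLS app accepts, so a typo in the Caddyfile passes adaptation and is presumably only caught later, when the automation policy is provisioned. Because this setting picks the certificate key algorithm and size, an unknown value should be rejected at parse time, for example `if !isSupportedKeyType(arg[0]) { return nil, h.Errf("unrecognized key type: %s", arg[0]) }`, where `isSupportedKeyType` is a placeholder for whatever lookup caddytls exposes. A second `key_type` line in the same `tls` block also silently overwrites the first; `if keyType != "" { return nil, h.Err("key_type already specified") }` before the assignment would surface that. parseTLS begins and ends outside the hunks shown here.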
|
||||||
|
|
|
@ -108,6 +108,10 @@ func (st ServerType) buildTLSApp(
|
||||||
ap.OnDemand = true
|
ap.OnDemand = true
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if keyTypeVals, ok := sblock.pile["tls.key_type"]; ok {
|
||||||
|
ap.KeyType = keyTypeVals[0].Value.(string)
|
||||||
|
}
|
||||||
|
|
||||||
// certificate issuers
|
// certificate issuers
|
||||||
if issuerVals, ok := sblock.pile["tls.cert_issuer"]; ok {
|
if issuerVals, ok := sblock.pile["tls.cert_issuer"]; ok {
|
||||||
var issuers []certmagic.Issuer
|
var issuers []certmagic.Issuer
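Review bot: The added `keyTypeVals[0].Value.(string)` is an unchecked type assertion, so it panics during config adaptation if anything other than a string is ever filed under `tls.key_type`. The comma-ok form keeps the failure controlled: `kt, ok := keyTypeVals[0].Value.(string)` followed by an error return when `!ok`. Only index 0 is read, so if a site block contributes more than one `tls.key_type` value, the rest are dropped without a diagnostic. A short comment such as `// only the first key_type in the server block is honored` would at least document that, or the values could be compared and a conflict reported. buildTLSApp continues outside this hunk, so how its errors are propagated is not visible here.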
|
||||||
|
|
|
@ -7,6 +7,7 @@
|
||||||
example.com {
|
example.com {
|
||||||
tls {
|
tls {
|
||||||
on_demand
|
on_demand
|
||||||
|
key_type rsa2048
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -79,6 +80,7 @@ http://example.net {
|
||||||
"module": "zerossl"
|
"module": "zerossl"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
|
"key_type": "rsa2048",
|
||||||
"on_demand": true
|
"on_demand": true
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
|
|