From b540f195b1bdf5ea8b869e43431a3f1d64810753 Mon Sep 17 00:00:00 2001 From: Ben Burkert Date: Wed, 24 Aug 2022 19:22:56 +0200 Subject: [PATCH] httpcaddyfile: Add ocsp_interval global option (#4980) --- caddyconfig/httpcaddyfile/options.go | 1 + caddyconfig/httpcaddyfile/tlsapp.go | 8 ++++++++ .../integration/caddyfile_adapt/global_options_acme.txt | 2 ++ 3 files changed, 11 insertions(+) diff --git a/caddyconfig/httpcaddyfile/options.go b/caddyconfig/httpcaddyfile/options.go index 36f8f4b14..c41e8bc8a 100644 --- a/caddyconfig/httpcaddyfile/options.go +++ b/caddyconfig/httpcaddyfile/options.go @@ -37,6 +37,7 @@ func init() { RegisterGlobalOption("storage", parseOptStorage) RegisterGlobalOption("storage_clean_interval", parseOptDuration) RegisterGlobalOption("renew_interval", parseOptDuration) + RegisterGlobalOption("ocsp_interval", parseOptDuration) RegisterGlobalOption("acme_ca", parseOptSingleString) RegisterGlobalOption("acme_ca_root", parseOptSingleString) RegisterGlobalOption("acme_dns", parseOptACMEDNS) diff --git a/caddyconfig/httpcaddyfile/tlsapp.go b/caddyconfig/httpcaddyfile/tlsapp.go index 32c174782..947512aab 100644 --- a/caddyconfig/httpcaddyfile/tlsapp.go +++ b/caddyconfig/httpcaddyfile/tlsapp.go @@ -307,6 +307,14 @@ func (st ServerType) buildTLSApp( tlsApp.Automation.RenewCheckInterval = renewCheckInterval } + // set the OCSP check interval if configured + if ocspCheckInterval, ok := options["ocsp_interval"].(caddy.Duration); ok { + if tlsApp.Automation == nil { + tlsApp.Automation = new(caddytls.AutomationConfig) + } + tlsApp.Automation.OCSPCheckInterval = ocspCheckInterval + } + // set whether OCSP stapling should be disabled for manually-managed certificates if ocspConfig, ok := options["ocsp_stapling"].(certmagic.OCSPConfig); ok { tlsApp.DisableOCSPStapling = ocspConfig.DisableStapling diff --git a/caddytest/integration/caddyfile_adapt/global_options_acme.txt b/caddytest/integration/caddyfile_adapt/global_options_acme.txt index 58ade3080..1949d17a0 100644 --- a/caddytest/integration/caddyfile_adapt/global_options_acme.txt +++ b/caddytest/integration/caddyfile_adapt/global_options_acme.txt @@ -22,6 +22,7 @@ } storage_clean_interval 7d renew_interval 1d + ocsp_interval 2d key_type ed25519 } @@ -83,6 +84,7 @@ }, "ask": "https://example.com" }, + "ocsp_interval": 172800000000000, "renew_interval": 86400000000000, "storage_clean_interval": 604800000000000 }