mirror of
https://github.com/caddyserver/caddy.git
synced 2024-12-02 13:59:50 +08:00
05656a60b3
In the Caddyfile, hosts specified for HTTP sockets (either scheme is "http" or it is on the HTTP port) should not be used as subjects in TLS automation policies (APs).
68 lines
848 B
Plaintext
68 lines
848 B
Plaintext
# (this Caddyfile is contrived, but based on issues #4176 and #4198)
|
|
|
|
http://example.com {
|
|
}
|
|
|
|
https://example.com {
|
|
tls internal
|
|
}
|
|
|
|
----------
|
|
{
|
|
"apps": {
|
|
"http": {
|
|
"servers": {
|
|
"srv0": {
|
|
"listen": [
|
|
":443"
|
|
],
|
|
"routes": [
|
|
{
|
|
"match": [
|
|
{
|
|
"host": [
|
|
"example.com"
|
|
]
|
|
}
|
|
],
|
|
"terminal": true
|
|
}
|
|
]
|
|
},
|
|
"srv1": {
|
|
"listen": [
|
|
":80"
|
|
],
|
|
"routes": [
|
|
{
|
|
"match": [
|
|
{
|
|
"host": [
|
|
"example.com"
|
|
]
|
|
}
|
|
],
|
|
"terminal": true
|
|
}
|
|
]
|
|
}
|
|
}
|
|
},
|
|
"tls": {
|
|
"automation": {
|
|
"policies": [
|
|
{
|
|
"subjects": [
|
|
"example.com"
|
|
],
|
|
"issuers": [
|
|
{
|
|
"module": "internal"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
}
|
|
}
|
|
} |