fix(mixins/SslCertificate): remove unnecessary warnings

2022-07-29 19:22:05 +02:00 · 2022-07-29 19:22:05 +02:00 · d1c6bb8829
commit d1c6bb8829
parent ef7005a291
2 changed files with 12 additions and 15 deletions
--- a/@xen-orchestra/mixins/SslCertificate.mjs
+++ b/@xen-orchestra/mixins/SslCertificate.mjs
@ -57,18 +57,7 @@ class SslCertificate {
    this.#secureContext = createSecureContext({ cert, key })
  }

-  async getSecureContext(httpsDomainName, config) {
-    // something changed in configuration or there is a network misconfiguration
-    // don't generate new let's encrypt challenges or invalid certificates
-    if (config?.acmeDomain !== httpsDomainName) {
-      warn(`certificates is configured for a domain, but receive http request from another`, {
-        acmeDomain: config?.acmeDomain,
-        httpsDomainName,
-      })
-      // fallback to self signed certificate to not lock user out
-      return undefined
-    }
-
+  async getSecureContext(config) {
    if (!this.#shouldBeRenewed) {
      return this.#secureContext
    }
@ -185,20 +174,26 @@ export default class SslCertificates {
    const config = this.#app.config.get(['http', 'listen', configKey])
    const handlers = this.#handlers

+    const { acmeDomain } = config
+
    // not a let's encrypt protected end point, sommething changed in the configuration
-    if (config.acmeDomain === undefined) {
-      warn(`config don't have acmeDomain, mandatory for let's encrypt`, { config })
+    if (acmeDomain === undefined) {
      handlers.delete(configKey)
      return
    }

+    // server has been access with another domain, don't use the certificate
+    if (acmeDomain !== httpsDomainName) {
+      return
+    }
+
    let handler = handlers.get(configKey)
    if (handler === undefined) {
      // register the handler for this domain
      handler = new SslCertificate(this.#challengeHandlers, initialCert, initialKey)
      handlers.set(configKey, handler)
    }
-    return handler.getSecureContext(httpsDomainName, config)
+    return handler.getSecureContext(config)
  }

  // middleware that will serve the http challenge to let's encrypt servers
--- a/CHANGELOG.unreleased.md
+++ b/CHANGELOG.unreleased.md
@ -27,4 +27,6 @@

 <!--packages-start-->

+- @xen-orchestra/mixins patch
+
 <!--packages-end-->