fix(mixins/SslCertificate): remove unnecessary warnings
This commit is contained in:
Julien Fontanet
parent
ef7005a291
commit
d1c6bb8829
@ -57,18 +57,7 @@ class SslCertificate {
|
|||||||
this.#secureContext = createSecureContext({ cert, key })
|
this.#secureContext = createSecureContext({ cert, key })
|
||||||
}
|
}
|
||||||
|
|
||||||
async getSecureContext(httpsDomainName, config) {
|
async getSecureContext(config) {
|
||||||
// something changed in configuration or there is a network misconfiguration
|
|
||||||
// don't generate new let's encrypt challenges or invalid certificates
|
|
||||||
if (config?.acmeDomain !== httpsDomainName) {
|
|
||||||
warn(`certificates is configured for a domain, but receive http request from another`, {
|
|
||||||
acmeDomain: config?.acmeDomain,
|
|
||||||
httpsDomainName,
|
|
||||||
})
|
|
||||||
// fallback to self signed certificate to not lock user out
|
|
||||||
return undefined
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!this.#shouldBeRenewed) {
|
if (!this.#shouldBeRenewed) {
|
||||||
return this.#secureContext
|
return this.#secureContext
|
||||||
}
|
}
|
||||||
@ -185,20 +174,26 @@ export default class SslCertificates {
|
|||||||
const config = this.#app.config.get(['http', 'listen', configKey])
|
const config = this.#app.config.get(['http', 'listen', configKey])
|
||||||
const handlers = this.#handlers
|
const handlers = this.#handlers
|
||||||
|
|
||||||
|
const { acmeDomain } = config
|
||||||
|
|
||||||
// not a let's encrypt protected end point, sommething changed in the configuration
|
// not a let's encrypt protected end point, sommething changed in the configuration
|
||||||
if (config.acmeDomain === undefined) {
|
if (acmeDomain === undefined) {
|
||||||
warn(`config don't have acmeDomain, mandatory for let's encrypt`, { config })
|
|
||||||
handlers.delete(configKey)
|
handlers.delete(configKey)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// server has been access with another domain, don't use the certificate
|
||||||
|
if (acmeDomain !== httpsDomainName) {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
let handler = handlers.get(configKey)
|
let handler = handlers.get(configKey)
|
||||||
if (handler === undefined) {
|
if (handler === undefined) {
|
||||||
// register the handler for this domain
|
// register the handler for this domain
|
||||||
handler = new SslCertificate(this.#challengeHandlers, initialCert, initialKey)
|
handler = new SslCertificate(this.#challengeHandlers, initialCert, initialKey)
|
||||||
handlers.set(configKey, handler)
|
handlers.set(configKey, handler)
|
||||||
}
|
}
|
||||||
return handler.getSecureContext(httpsDomainName, config)
|
return handler.getSecureContext(config)
|
||||||
}
|
}
|
||||||
|
|
||||||
// middleware that will serve the http challenge to let's encrypt servers
|
// middleware that will serve the http challenge to let's encrypt servers
|
||||||
|
|||||||
@ -27,4 +27,6 @@
|
|||||||
|
|
||||||
<!--packages-start-->
|
<!--packages-start-->
|
||||||
|
|
||||||
|
- @xen-orchestra/mixins patch
|
||||||
|
|
||||||
<!--packages-end-->
|
<!--packages-end-->
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user