• Matthew Holt's avatar
    letsencrypt: Fix OCSP stapling and restarts with new LE-capable hosts · 55601d3e
    Matthew Holt authored
    Before, Caddy couldn't support graceful (zero-downtime) restarts when the reloaded Caddyfile had a host in it that was elligible for a LE certificate because the port was already in use. This commit makes it possible to do zero-downtime reloads and issue certificates for new hosts that need it. Supports only http-01 challenge at this time.
    
    OCSP stapling is improved in that it updates before the expiration time when the validity window has shifted forward. See 30c94908. Before it only used to update when the status changed.
    
    This commit also sets the user agent for Let's Encrypt requests with a string containing "Caddy".
    55601d3e
server.go 14.7 KB