traefik/pkg/provider/acme/challenge_tls.go

56 lines
1.4 KiB
Go
Raw Normal View History

2018-07-03 10:44:04 +00:00
package acme
import (
"crypto/tls"
2020-09-04 08:52:03 +00:00
"github.com/go-acme/lego/v4/challenge"
"github.com/go-acme/lego/v4/challenge/tlsalpn01"
"github.com/traefik/traefik/v2/pkg/log"
"github.com/traefik/traefik/v2/pkg/types"
2018-07-03 10:44:04 +00:00
)
2019-01-07 17:30:06 +00:00
var _ challenge.Provider = (*challengeTLSALPN)(nil)
2018-07-03 10:44:04 +00:00
type challengeTLSALPN struct {
Store ChallengeStore
2018-07-03 10:44:04 +00:00
}
func (c *challengeTLSALPN) Present(domain, token, keyAuth string) error {
2018-11-14 09:18:03 +00:00
log.WithoutContext().WithField(log.ProviderName, "acme").
Debugf("TLS Challenge Present temp certificate for %s", domain)
2018-07-03 10:44:04 +00:00
2019-01-07 17:30:06 +00:00
certPEMBlock, keyPEMBlock, err := tlsalpn01.ChallengeBlocks(domain, keyAuth)
2018-07-03 10:44:04 +00:00
if err != nil {
return err
}
cert := &Certificate{Certificate: certPEMBlock, Key: keyPEMBlock, Domain: types.Domain{Main: "TEMP-" + domain}}
return c.Store.AddTLSChallenge(domain, cert)
}
func (c *challengeTLSALPN) CleanUp(domain, token, keyAuth string) error {
2018-11-14 09:18:03 +00:00
log.WithoutContext().WithField(log.ProviderName, "acme").
Debugf("TLS Challenge CleanUp temp certificate for %s", domain)
2018-07-03 10:44:04 +00:00
return c.Store.RemoveTLSChallenge(domain)
}
// GetTLSALPNCertificate Get the temp certificate for ACME TLS-ALPN-O1 challenge.
func (p *Provider) GetTLSALPNCertificate(domain string) (*tls.Certificate, error) {
cert, err := p.ChallengeStore.GetTLSChallenge(domain)
2018-07-03 10:44:04 +00:00
if err != nil {
return nil, err
}
if cert == nil {
return nil, nil
}
certificate, err := tls.X509KeyPair(cert.Certificate, cert.Key)
if err != nil {
return nil, err
}
return &certificate, nil
}