From 021f37ff7111d42d879f549dff74cbc5bdb5acb7 Mon Sep 17 00:00:00 2001 From: Erikas <5955795+erkexzcx@users.noreply.github.com> Date: Tue, 16 May 2023 17:00:06 +0300 Subject: [PATCH] Do not check for wildcard domains for non DNS challenge --- pkg/provider/acme/provider.go | 10 ++-------- pkg/provider/acme/provider_test.go | 7 ------- 2 files changed, 2 insertions(+), 15 deletions(-) diff --git a/pkg/provider/acme/provider.go b/pkg/provider/acme/provider.go index be211ab04..b9027de98 100644 --- a/pkg/provider/acme/provider.go +++ b/pkg/provider/acme/provider.go @@ -922,14 +922,8 @@ func (p *Provider) sanitizeDomains(ctx context.Context, domain types.Domain) ([] var cleanDomains []string for _, dom := range domains { - if strings.HasPrefix(dom, "*") { - if p.DNSChallenge == nil { - return nil, fmt.Errorf("unable to generate a wildcard certificate in ACME provider for domain %q : ACME needs a DNSChallenge", strings.Join(domains, ",")) - } - - if strings.HasPrefix(dom, "*.*") { - return nil, fmt.Errorf("unable to generate a wildcard certificate in ACME provider for domain %q : ACME does not allow '*.*' wildcard domain", strings.Join(domains, ",")) - } + if strings.HasPrefix(dom, "*.*") { + return nil, fmt.Errorf("unable to generate a wildcard certificate in ACME provider for domain %q : ACME does not allow '*.*' wildcard domain", strings.Join(domains, ",")) } canonicalDomain := types.CanonicalDomain(dom) diff --git a/pkg/provider/acme/provider_test.go b/pkg/provider/acme/provider_test.go index 3268b1c92..3cd024c77 100644 --- a/pkg/provider/acme/provider_test.go +++ b/pkg/provider/acme/provider_test.go @@ -217,13 +217,6 @@ func TestProvider_sanitizeDomains(t *testing.T) { expectedErr: "no domain was given", expectedDomains: nil, }, - { - desc: "no DNSChallenge", - domains: types.Domain{Main: "*.traefik.wtf", SANs: []string{"foo.traefik.wtf"}}, - dnsChallenge: nil, - expectedErr: "unable to generate a wildcard certificate in ACME provider for domain \"*.traefik.wtf,foo.traefik.wtf\" : ACME needs a DNSChallenge", - expectedDomains: nil, - }, { desc: "unauthorized wildcard with SAN", domains: types.Domain{Main: "*.*.traefik.wtf", SANs: []string{"foo.traefik.wtf"}},