MCPcopy
hub / github.com/caddyserver/certmagic / newBasicACMEClient

Method newBasicACMEClient

acmeclient.go:252–282  ·  view source on GitHub ↗

newBasicACMEClient sets up a basically-functional ACME client that is not capable of solving challenges but can provide basic interactions with the server.

()

Source from the content-addressed store, hash-verified

250// newBasicACMEClient sets up a basically-functional ACME client that is not capable
251// of solving challenges but can provide basic interactions with the server.
252func (iss *ACMEIssuer) newBasicACMEClient() (*acmez.Client, error) {
253 caURL := iss.CA
254 if caURL == "" {
255 caURL = DefaultACME.CA
256 }
257 // ensure endpoint is secure (assume HTTPS if scheme is missing)
258 if !strings.Contains(caURL, "://") {
259 caURL = "https://" + caURL
260 }
261 u, err := url.Parse(caURL)
262 if err != nil {
263 return nil, err
264 }
265 if u.Scheme != "https" && !SubjectIsInternal(u.Host) {
266 return nil, fmt.Errorf("%s: insecure CA URL (HTTPS required for non-internal CA)", caURL)
267 }
268 return &acmez.Client{
269 Client: &acme.Client{
270 Directory: caURL,
271 UserAgent: buildUAString(),
272 HTTPClient: iss.httpClient,
273 Logger: slog.New(zapslog.NewHandler(
274 iss.Logger.Core(),
275 zapslog.WithName(iss.Logger.Name()+".acme_client"),
276 // the default enables traces at ERROR level, this disables
277 // them by setting it to a level higher than any other level
278 zapslog.AddStacktraceAt(slog.Level(127)),
279 )),
280 },
281 }, nil
282}
283
284// GetRenewalInfo gets the ACME Renewal Information (ARI) for the certificate.
285func (iss *ACMEIssuer) GetRenewalInfo(ctx context.Context, cert Certificate) (acme.RenewalInfo, error) {

Callers 2

newACMEClientMethod · 0.95
GetRenewalInfoMethod · 0.95

Calls 2

SubjectIsInternalFunction · 0.85
buildUAStringFunction · 0.85

Tested by

no test coverage detected