about summary refs log tree commit diff stats
diff options
context:
space:
mode:
authorAlan Pearce2024-11-27 23:39:02 +0100
committerAlan Pearce2024-11-27 23:39:02 +0100
commit0240a3f3d9bd8688ee630ebc6110c78f3a84e953 (patch)
tree24f8cc0660a6d133e8a30e3dfeba21df3ce1088c
parent45d56094ee84b90fe50fc3a99d22d8fdc565d29b (diff)
downloadwebsite-0240a3f3d9bd8688ee630ebc6110c78f3a84e953.tar.lz
website-0240a3f3d9bd8688ee630ebc6110c78f3a84e953.tar.zst
website-0240a3f3d9bd8688ee630ebc6110c78f3a84e953.zip
tls: use only DNS01 challenges
-rw-r--r--internal/server/tls.go10
1 files changed, 6 insertions, 4 deletions
diff --git a/internal/server/tls.go b/internal/server/tls.go
index 0fb6c48..2bb5ce4 100644
--- a/internal/server/tls.go
+++ b/internal/server/tls.go
@@ -83,10 +83,12 @@ func (s *Server) serveTLS() (err error) {
 		}
 
 		issuer = certmagic.NewACMEIssuer(cfg, certmagic.ACMEIssuer{
-			CA:     certmagic.LetsEncryptProductionCA,
-			Email:  s.config.Email,
-			Agreed: true,
-			Logger: certmagic.Default.Logger,
+			CA:                      certmagic.LetsEncryptProductionCA,
+			Email:                   s.config.Email,
+			Agreed:                  true,
+			Logger:                  certmagic.Default.Logger,
+			DisableHTTPChallenge:    true,
+			DisableTLSALPNChallenge: true,
 			DNS01Solver: &certmagic.DNS01Solver{
 				DNSManager: certmagic.DNSManager{
 					DNSProvider: pdns,