tls: use only DNS01 challenges

author: Alan Pearce 2024-11-27 23:39:02 +0100
committer: Alan Pearce 2024-11-27 23:39:02 +0100
commit: 0240a3f3d9bd8688ee630ebc6110c78f3a84e953 (patch)
tree: 24f8cc0660a6d133e8a30e3dfeba21df3ce1088c /internal/server/tls.go
parent: 45d56094ee84b90fe50fc3a99d22d8fdc565d29b (diff)
download: website-0240a3f3d9bd8688ee630ebc6110c78f3a84e953.tar.lz
website-0240a3f3d9bd8688ee630ebc6110c78f3a84e953.tar.zst
website-0240a3f3d9bd8688ee630ebc6110c78f3a84e953.zip
1 files changed, 6 insertions, 4 deletions
diff --git a/internal/server/tls.go b/internal/server/tls.go
index 0fb6c48..2bb5ce4 100644
--- a/internal/server/tls.go
+++ b/internal/server/tls.go
@@ -83,10 +83,12 @@ func (s *Server) serveTLS() (err error) {
 		}
 
 		issuer = certmagic.NewACMEIssuer(cfg, certmagic.ACMEIssuer{
-			CA:     certmagic.LetsEncryptProductionCA,
-			Email:  s.config.Email,
-			Agreed: true,
-			Logger: certmagic.Default.Logger,
+			CA:                      certmagic.LetsEncryptProductionCA,
+			Email:                   s.config.Email,
+			Agreed:                  true,
+			Logger:                  certmagic.Default.Logger,
+			DisableHTTPChallenge:    true,
+			DisableTLSALPNChallenge: true,
 			DNS01Solver: &certmagic.DNS01Solver{
 				DNSManager: certmagic.DNSManager{
 					DNSProvider: pdns,
author	Alan Pearce	2024-11-27 23:39:02 +0100
committer	Alan Pearce	2024-11-27 23:39:02 +0100
commit	0240a3f3d9bd8688ee630ebc6110c78f3a84e953 (patch)
tree	24f8cc0660a6d133e8a30e3dfeba21df3ce1088c /internal/server/tls.go
parent	45d56094ee84b90fe50fc3a99d22d8fdc565d29b (diff)
download	website-0240a3f3d9bd8688ee630ebc6110c78f3a84e953.tar.lz website-0240a3f3d9bd8688ee630ebc6110c78f3a84e953.tar.zst website-0240a3f3d9bd8688ee630ebc6110c78f3a84e953.zip