From 37895a7da8dfd3a2d419e62350595bd83cceb434 Mon Sep 17 00:00:00 2001
From: Alan Pearce
Date: Sat, 29 Jun 2024 10:26:57 +0200
Subject: tls: strip IPv6 brackets before enabling certmagic

---
 internal/server/tls.go | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/internal/server/tls.go b/internal/server/tls.go
index 565958f..848d97c 100644
--- a/internal/server/tls.go
+++ b/internal/server/tls.go
@@ -50,11 +50,16 @@ func (s *Server) serveTLS() (err error) {
 		// caddy's ACME server (step-ca) doesn't specify an OCSP server
 		cfg.OCSP.DisableStapling = true
 
+		listenAddress := s.runtimeConfig.ListenAddress
+		if listenAddress[0] == '[' {
+			listenAddress = listenAddress[1 : len(listenAddress)-1]
+		}
+
 		cfg.Issuers[0] = certmagic.NewACMEIssuer(cfg, certmagic.ACMEIssuer{
 			CA:                      s.runtimeConfig.ACMECA,
 			TrustedRoots:            cp,
 			DisableTLSALPNChallenge: true,
-			ListenHost:              s.runtimeConfig.ListenAddress,
+			ListenHost:              listenAddress,
 			AltHTTPPort:             s.runtimeConfig.Port,
 			AltTLSALPNPort:          s.runtimeConfig.TLSPort,
 		})
-- 
cgit 1.4.1