gin-gonic / autotls

Support Let's Encrypt for a Go server application.
MIT License

tls-sni disabled on LetsEncrypt #7

Closed SilverCory closed 2 years ago

SilverCory commented 6 years ago

    http: TLS handshake error from 82.34.xxx.xxx:55065: acme/autocert: unable to authorize "xxx.xxx.xxx"; tried ["tls-sni-02" "tls-sni-01"]

deepch commented 6 years ago

Also does not work.

SilverCory commented 6 years ago

@deepch it won't, because tls-sni is disabled on Let's Encrypt's end; you have to use http-01.

You can do this in a manner similar to the below:

    m := &autocert.Manager{
        Prompt: autocert.AcceptTOS,
        // Only request certificates for the configured host names.
        HostPolicy: autocert.HostWhitelist(panel.Config.Web.DomainNames[0:]...),
    }
    dir := cacheDir()
    fmt.Println("Using cache: ", dir)
    // 0700 keeps cached certificates and private keys readable by the owner only.
    if err := os.MkdirAll(dir, 0700); err != nil {
        log.Printf("warning: autocert.NewListener not using a cache: %v", err)
    } else {
        m.Cache = autocert.DirCache(dir)
    }
    // Answer http-01 challenges on port 80; a nil fallback redirects everything else to HTTPS.
    go http.ListenAndServe(":http", m.HTTPHandler(nil))
    return autotls.RunWithManager(panel.GinInstance, *m)

deepch commented 6 years ago

This method redirects http to https; I need pure :80 and https ;(

SilverCory commented 6 years ago

@deepch you can turn off the redirect by supplying a handler in m.HTTPHandler(...)

deepch commented 6 years ago

thx I run it

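    m := &autocert.Manager{
        Prompt: autocert.AcceptTOS,
        // Only request certificates for the configured host names.
        HostPolicy: autocert.HostWhitelist(panel.Config.Web.DomainNames[0:]...),
    }
    dir := cacheDir()
    fmt.Println("Using cache: ", dir)
    // 0700 keeps cached certificates and private keys readable by the owner only.
    if err := os.MkdirAll(dir, 0700); err != nil {
        log.Printf("warning: autocert.NewListener not using a cache: %v", err)
    } else {
        m.Cache = autocert.DirCache(dir)
    }
    // The Gin engine as fallback: challenges are still answered, other requests are served over plain HTTP.
    go http.ListenAndServe(":http", m.HTTPHandler(panel.GinInstance))
    return autotls.RunWithManager(panel.GinInstance, *m)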

If you use go http.ListenAndServe(":http", m.HTTPHandler(nil)) <--- nil works as a redirect.

If you use go http.ListenAndServe(":http", m.HTTPHandler(panel.GinInstance)) <--- panel.GinInstance works as http, and the cert is received with no problem.

thx you.
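The two port-80 behaviours compared in this thread, as an added example that is not code from the thread, from autotls or from autocert: a standard-library model of the routing that `m.HTTPHandler(fallback)` is documented to perform (answer http-01 challenges, then either redirect to HTTPS when the fallback is nil or hand the request to the fallback). The `port80` type, `probe` helper, `app` handler, host name and token values are hypothetical and constructed for the demonstration.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

const challengePrefix = "/.well-known/acme-challenge/" // http-01 path (RFC 8555, section 8.3)
var app = http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { fmt.Fprint(w, "app page") })

type port80 struct { // hypothetical model of the :80 handler, not autocert code
	tokens   map[string]string // token -> key authorization (constructed values)
	fallback http.Handler      // nil: redirect to HTTPS; non-nil: serve over plain HTTP
}

func (p *port80) ServeHTTP(w http.ResponseWriter, r *http.Request) {
	isChallenge := strings.HasPrefix(r.URL.Path, challengePrefix)
	keyAuth, known := p.tokens[strings.TrimPrefix(r.URL.Path, challengePrefix)]
	host, _, _ := strings.Cut(r.Host, ":") // drop any port; assumes a DNS name, not an IPv6 literal
	switch {
	case isChallenge && known:
		fmt.Fprint(w, keyAuth) // answered the same way in both modes
	case isChallenge:
		http.NotFound(w, r)
	case p.fallback != nil:
		p.fallback.ServeHTTP(w, r) // the thread's final variant: app content in cleartext
	case r.Method != http.MethodGet && r.Method != http.MethodHead:
		http.Error(w, "Use HTTPS", http.StatusBadRequest)
	default: // nil fallback: send GET and HEAD to the default TLS port
		http.Redirect(w, r, "https://"+host+r.URL.RequestURI(), http.StatusFound)
	}
}

// probe builds the handler with the given fallback and returns status, Location and body.
func probe(fallback http.Handler, method, path string) (int, string, string) {
	h := &port80{tokens: map[string]string{"tok123": "tok123.thumbprint"}, fallback: fallback}
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, httptest.NewRequest(method, "http://example.test:80"+path, nil))
	return rec.Code, rec.Header().Get("Location"), rec.Body.String()
}

func main() {
	fmt.Println(probe(nil, "GET", "/login?next=1")) // 302 to https://example.test/login?next=1
	fmt.Println(probe(app, "GET", "/login?next=1")) // 200, app page sent in cleartext
}
```

With a non-nil fallback every non-challenge request, including any cookies or credentials it carries, is served without TLS, so that mode fits only content that is meant to be reachable over plain HTTP.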

appleboy commented 2 years ago

See #26