Closed komuw closed 1 year ago
The issue is that acme.GetCertificate()
is called for every request; https://github.com/komuw/ong/blob/v0.0.58/server/tls_conf.go#L54-L58 and it is, it creates a new acme.manager; https://github.com/komuw/ong/blob/v0.0.58/internal/acme/acme.go#L85
So each request gets a new manager with its own state. Requests do not share state, hence do not share the manager cache.
After merge of https://github.com/komuw/ong/pull/294, steps to repro.
Deploy site.
curl domain so that tls certs are procured from ACME.(This should also save certs in disk and memory)
Delete the cert from disk
curl site; it should return immediately since certs are in memory. But it doesn't; instead it procures from ACME again
And yet we have this test and it passes; https://github.com/komuw/ong/blob/3153948e1a6ac10c7744ed46356cd1491f1dda50/internal/acme/acme_test.go#L291-L327, what is happening with ACME staging?