Closed jholz88 closed 4 days ago
I think when there's a certificate already present that hasn't expired, a new one isn't automatically created if you change the extra domains. Unless you specify lnd.tlsautorefresh
(shich specifically mention the domains).
So I think this is expected behavior.
There is no certificate present because the first thing I did was delete the certificate and key. Then I restarted LIT and it successfully generates a new certificate and key, but is ignoring 'lnd.tlsextradomain'.
Ah, I misread that, sorry. You're talking about the litd certificate only. I guess we need a new tlsextradomain
parameter/flag for just litd
in addition to the lnd.tlsextradomain
one (that only affects the certificate created by lnd
itself).
How to trigger the bug:
Expected behavior: The newly generated certificate should include the specified extra domain(s).
Workaround: I temporarily switched to "docker.io/lightninglabs/lnd:v0.18.0-beta.1" and copied the certificates from /root/.lnd to /root/.lit then switched back.
System Information: LIT running inside docker container running on Fedora CoreOS with ZFS. docker.io/lightninglabs/lightning-terminal:v0.13.0-alpha lnd-mode=integrated