infrastructure/mox
1
0
Fork 0
mirror of https://github.com/mjl-/mox.git synced 2025-07-10 10:34:40 +03:00
Code Issues Packages Projects Releases Wiki Activity

acme port config option, explain why using a https reverse proxy will not work for acme tls-alpn-01 verification

Browse Source 
related to #218 by mgkirs
This commit is contained in:
Mechiel Lukkien
2024-10-03 21:16:19 +02:00
parent 7ecc3f68ce
commit 7d3f307156
2 changed files with 6 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
config/doc.go
View File

@ -113,8 +113,11 @@ See https://pkg.go.dev/github.com/mjl-/sconf for details.
# TLS port for ACME validation, 443 by default. You should only override this if
# you cannot listen on port 443 directly. ACME will make requests to port 443, so
# you'll have to add an external mechanism to get the connection here, e.g. by
# configuring port forwarding. (optional)
# you'll have to add an external mechanism to get the tls connection here, e.g. by
# configuring firewall-level port forwarding. Validation over the https port uses
# tls-alpn-01 with application-layer protocol negotiation, which essentially means
# the original tls connection must make it here unmodified, an https reverse proxy
# will not work. (optional)
Port: 0
# If set, used for suggested CAA DNS records, for restricting TLS certificate