infrastructure/mox
1
0
Fork 0
mirror of https://github.com/mjl-/mox.git synced 2025-07-12 12:24:38 +03:00
Code Issues Packages Projects Releases Wiki Activity

when suggesting CAA records for a domain, suggest variants that bind to the account id and with validation methods used by mox

Browse Source 
should prevent potential mitm attacks. especially when done close to the
machine itself (where a http/tls challenge is intercepted to get a valid
certificate), as seen on the internet last month.
This commit is contained in:
Mechiel Lukkien
2023-12-21 15:16:30 +01:00
parent ca97293cb2
commit db3fef4981
11 changed files with 123 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
mox-/config.go
View File

@ -612,6 +612,12 @@ func PrepareStaticConfig(ctx context.Context, log mlog.Log, configFile string, c
addErrorf("loading ACME identity for %q: %s", name, err)
}
acme.Manager = manager
// Help configurations from older quickstarts.
if acme.IssuerDomainName == "" && acme.DirectoryURL == "https://acme-v02.api.letsencrypt.org/directory" {
acme.IssuerDomainName = "letsencrypt.org"
}
c.ACME[name] = acme
}