Update go-acme/lego to v4.16.1

2024-03-11 09:18:03 +01:00 · 2024-03-11 09:18:03 +01:00 · 4fd5fca34f
commit 4fd5fca34f
parent 31a93d5045
4 changed files with 33 additions and 23 deletions
--- a/pkg/provider/acme/provider.go
+++ b/pkg/provider/acme/provider.go
@ -32,9 +32,6 @@ import (

 const resolverSuffix = ".acme"

-// ocspMustStaple enables OCSP stapling as from https://github.com/go-acme/lego/issues/270.
-var ocspMustStaple = false
-
 // Configuration holds ACME configuration provided by users.
 type Configuration struct {
 	Email                string `description:"Email address used for registration." json:"email,omitempty" toml:"email,omitempty" yaml:"email,omitempty"`
@ -583,7 +580,6 @@ func (p *Provider) resolveDefaultCertificate(ctx context.Context, domains []stri
 	request := certificate.ObtainRequest{
 		Domains:        domains,
 		Bundle:         true,
-		MustStaple:     ocspMustStaple,
 		PreferredChain: p.PreferredChain,
 	}

@ -628,7 +624,6 @@ func (p *Provider) resolveCertificate(ctx context.Context, domain types.Domain,
 	request := certificate.ObtainRequest{
 		Domains:        domains,
 		Bundle:         true,
-		MustStaple:     ocspMustStaple,
 		PreferredChain: p.PreferredChain,
 	}

@ -819,11 +814,18 @@ func (p *Provider) renewCertificates(ctx context.Context, renewPeriod time.Durat

 		logger.Infof("Renewing certificate from LE : %+v", cert.Domain)

-		renewedCert, err := client.Certificate.Renew(certificate.Resource{
+		res := certificate.Resource{
 			Domain:      cert.Domain.Main,
 			PrivateKey:  cert.Key,
 			Certificate: cert.Certificate.Certificate,
-		}, true, ocspMustStaple, p.PreferredChain)
+		}
+
+		opts := &certificate.RenewOptions{
+			Bundle:         true,
+			PreferredChain: p.PreferredChain,
+		}
+
+		renewedCert, err := client.Certificate.RenewWithOptions(res, opts)
 		if err != nil {
 			logger.WithError(err).Errorf("Error renewing certificate from LE: %v", cert.Domain)
 			continue