Ensure only certificates from ACME enabled entrypoint are used

2018-09-18 01:22:03 -05:00 · 2018-09-18 01:22:03 -05:00 · ab2c98d931
commit ab2c98d931
parent 0ae8cd9a9d
4 changed files with 99 additions and 22 deletions
--- a/integration/fixtures/acme/acme_tls_multiple_entrypoints.toml
+++ b/integration/fixtures/acme/acme_tls_multiple_entrypoints.toml
@ -0,0 +1,59 @@
+logLevel = "DEBUG"
+
+defaultEntryPoints = ["http", "https"]
+
+[entryPoints]
+  [entryPoints.http]
+  address = "{{ .PortHTTP }}"
+  [entryPoints.https]
+  address = "{{ .PortHTTPS }}"
+    [entryPoints.https.tls]
+  [entryPoints.traefik]
+  address = ":9000"
+    [entryPoints.traefik.tls]
+      [[entryPoints.traefik.tls.certificates]]
+      certFile = "fixtures/acme/ssl/wildcard.crt"
+      keyFile = "fixtures/acme/ssl/wildcard.key"
+
+[acme]
+  email = "test@traefik.io"
+  storage = "/tmp/acme.json"
+  entryPoint = "https"
+  acmeLogging = true
+  onDemand = {{ .Acme.OnDemand }}
+  onHostRule = {{ .Acme.OnHostRule }}
+  keyType = "{{ .Acme.KeyType }}"
+  caServer = "{{ .Acme.CAServer }}"
+
+  {{if .Acme.HTTPChallenge }}
+  [acme.httpChallenge]
+    entryPoint = "{{ .Acme.HTTPChallenge.EntryPoint }}"
+  {{end}}
+
+  {{if .Acme.TLSChallenge }}
+  [acme.tlsChallenge]
+  {{end}}
+
+  {{range .Acme.Domains}}
+  [[acme.domains]]
+    main = "{{ .Main }}"
+    sans = [{{range .SANs }}
+      "{{.}}",
+      {{end}}]
+  {{end}}
+
+[api]
+
+[file]
+
+[backends]
+  [backends.backend]
+    [backends.backend.servers.server1]
+    url = "http://127.0.0.1:9010"
+    weight = 1
+
+[frontends]
+  [frontends.frontend]
+  backend = "backend"
+    [frontends.frontend.routes.test]
+    rule = "Host:traefik.acme.wtf"