Certificate resolvers.

Co-authored-by: Julien Salleyron <julien.salleyron@gmail.com>
Co-authored-by: Jean-Baptiste Doumenjou <jb.doumenjou@gmail.com>

pkg/server/router/route_appender_factory.go

@@ -11,7 +11,7 @@ import (
 )
 
 // NewRouteAppenderFactory Creates a new RouteAppenderFactory
-func NewRouteAppenderFactory(staticConfiguration static.Configuration, entryPointName string, acmeProvider *acme.Provider) *RouteAppenderFactory {
+func NewRouteAppenderFactory(staticConfiguration static.Configuration, entryPointName string, acmeProvider []*acme.Provider) *RouteAppenderFactory {
 	return &RouteAppenderFactory{
 		staticConfiguration: staticConfiguration,
 		entryPointName:      entryPointName,
@@ -23,15 +23,18 @@ func NewRouteAppenderFactory(staticConfiguration static.Configuration, entryPoin
 type RouteAppenderFactory struct {
 	staticConfiguration static.Configuration
 	entryPointName      string
-	acmeProvider        *acme.Provider
+	acmeProvider        []*acme.Provider
 }
 
 // NewAppender Creates a new RouteAppender
 func (r *RouteAppenderFactory) NewAppender(ctx context.Context, middlewaresBuilder *middleware.Builder, runtimeConfiguration *runtime.Configuration) types.RouteAppender {
 	aggregator := NewRouteAppenderAggregator(ctx, middlewaresBuilder, r.staticConfiguration, r.entryPointName, runtimeConfiguration)
 
-	if r.acmeProvider != nil && r.acmeProvider.HTTPChallenge != nil && r.acmeProvider.HTTPChallenge.EntryPoint == r.entryPointName {
-		aggregator.AddAppender(r.acmeProvider)
+	for _, p := range r.acmeProvider {
+		if p != nil && p.HTTPChallenge != nil && p.HTTPChallenge.EntryPoint == r.entryPointName {
+			aggregator.AddAppender(p)
+			break
+		}
 	}
 
 	return aggregator

pkg/server/router/tcp/router.go

@@ -79,6 +79,11 @@ func (m *Manager) BuildHandlers(rootCtx context.Context, entryPoints []string) m
 	return entryPointHandlers
 }
 
+type nameAndConfig struct {
+	routerName string // just so we have it as additional information when logging
+	TLSConfig  *tls.Config
+}
+
 func (m *Manager) buildEntryPointHandler(ctx context.Context, configs map[string]*runtime.TCPRouterInfo, configsHTTP map[string]*runtime.RouterInfo, handlerHTTP http.Handler, handlerHTTPS http.Handler) (*tcp.Router, error) {
 	router := &tcp.Router{}
 	router.HTTPHandler(handlerHTTP)
@@ -86,15 +91,11 @@ func (m *Manager) buildEntryPointHandler(ctx context.Context, configs map[string
 
 	defaultTLSConf, err := m.tlsManager.Get("default", defaultTLSConfigName)
 	if err != nil {
-		return nil, err
+		log.FromContext(ctx).Errorf("Error during the build of the default TLS configuration: %v", err)
 	}
 
 	router.HTTPSHandler(handlerHTTPS, defaultTLSConf)
 
-	type nameAndConfig struct {
-		routerName string // just so we have it as additional information when logging
-		TLSConfig  *tls.Config
-	}
 	// Keyed by domain, then by options reference.
 	tlsOptionsForHostSNI := map[string]map[string]nameAndConfig{}
 	for routerHTTPName, routerHTTPConfig := range configsHTTP {
@@ -156,7 +157,7 @@ func (m *Manager) buildEntryPointHandler(ctx context.Context, configs map[string
 		} else {
 			routers := make([]string, 0, len(tlsConfigs))
 			for _, v := range tlsConfigs {
-				configsHTTP[v.routerName].AddError(fmt.Errorf("found different TLS options for routers on the same host %v, so using the default TLS option instead", hostSNI), false)
+				configsHTTP[v.routerName].AddError(fmt.Errorf("found different TLS options for routers on the same host %v, so using the default TLS options instead", hostSNI), false)
 				routers = append(routers, v.routerName)
 			}
 			logger.Warnf("Found different TLS options for routers on the same host %v, so using the default TLS options instead for these routers: %#v", hostSNI, routers)