authorTom Proctor <tomhjp@users.noreply.github.com>2025-01-23 22:48:11 +0000
committerTom Proctor <tomhjp@users.noreply.github.com>2025-01-23 22:48:11 +0000
commit90ccc1e10784e6201ccf51c410ac032ca5d80de2 (patch)
tree0a5948ccd72d19544d7a654ffb48df573c1a42d0
parentf1710f4a429911b461fb5e25a1e33642317bdedf (diff)
ipn/ipnlocal: hacky client changes for test TLS certstomhjp/dns-01-test-env
Change-Id: I46d9ab5d01d214fbd971f7472a0a5f64f9f8acb0 Signed-off-by: Tom Proctor <tomhjp@users.noreply.github.com>
-rw-r--r--ipn/ipnlocal/cert.go16
1 files changed, 13 insertions, 3 deletions
diff --git a/ipn/ipnlocal/cert.go b/ipn/ipnlocal/cert.go
index 0d92c7cf8..3beb9ce0d 100644
--- a/ipn/ipnlocal/cert.go
+++ b/ipn/ipnlocal/cert.go
@@ -24,6 +24,7 @@ import (
"log"
randv2 "math/rand/v2"
"net"
+ "net/http"
"os"
"path/filepath"
"runtime"
@@ -550,12 +551,13 @@ func (b *LocalBackend) getCertPEM(ctx context.Context, cs certStore, logf logger
return nil, err
}
- csr, err := certRequest(certPrivKey, domain, nil)
+ csr, err := certRequest(certPrivKey, domain, nil, domain)
if err != nil {
return nil, err
}
logf("requesting cert...")
+ traceACME(csr)
der, _, err := ac.CreateOrderCert(ctx, order.FinalizeURL, csr, true)
if err != nil {
return nil, fmt.Errorf("CreateOrder: %v", err)
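Review bot: The call `certRequest(certPrivKey, domain, nil, domain)` passes a fourth argument, but no hunk in this commit changes certRequest's definition; the diffstat's 13 insertions and 3 deletions are all accounted for by the three hunks shown. Unless the function already accepted trailing names at the parent commit, this will not build. If it does accept them, the domain is presumably now sent both as the subject name and as an explicit SAN, and a short comment on the call would help, for example `// pass domain again as an explicit SAN; TODO(review): say why the test CA needs it`. getCertPEM's body starts and ends outside the hunk.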
@@ -658,8 +660,16 @@ func acmeClient(cs certStore) (*acme.Client, error) {
// LetsEncrypt), we should make sure that they support ARI extension (see
// shouldStartDomainRenewalARI).
return &acme.Client{
- Key: key,
- UserAgent: "tailscaled/" + version.Long(),
+ Key: key,
+ UserAgent: "tailscaled/" + version.Long(),
+ DirectoryURL: "https://localhost:14000/dir",
+ HTTPClient: &http.Client{
+ Transport: &http.Transport{
+ TLSClientConfig: &tls.Config{
+ InsecureSkipVerify: true,
+ },
+ },
+ },
}, nil
}
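Review bot: The `acme.Client` literal in `acmeClient` now sets `DirectoryURL: "https://localhost:14000/dir"` and an `HTTPClient` with `InsecureSkipVerify: true` unconditionally, so every build containing this change requests certificates from whatever listens on that local port and accepts any TLS certificate it presents. Even for a test environment it is safer to apply the override only when an explicit debug knob is set, and to trust the test server's CA through `RootCAs` rather than turning verification off. The bare `&http.Transport{}` also drops the proxy and timeout defaults of `http.DefaultTransport`. The sketch below uses a placeholder knob name and a placeholder `testCAPEM` value; `tls` is not added by this commit's import hunk, so it is presumably already imported.

```go
	c := &acme.Client{
		Key:       key,
		UserAgent: "tailscaled/" + version.Long(),
	}
	// Test-only override. "PLACEHOLDER_TEST_ACME_DIRECTORY_URL" is a placeholder
	// knob name; production builds leave it unset and keep the default directory.
	if dir := os.Getenv("PLACEHOLDER_TEST_ACME_DIRECTORY_URL"); dir != "" {
		pool := x509.NewCertPool()
		// testCAPEM (placeholder): PEM of the local test server's CA.
		if !pool.AppendCertsFromPEM(testCAPEM) {
			return nil, errors.New("no test ACME CA certificates parsed")
		}
		c.DirectoryURL = dir
		c.HTTPClient = &http.Client{
			Transport: &http.Transport{
				// Verification stays on; only the trust root changes.
				TLSClientConfig: &tls.Config{RootCAs: pool},
			},
		}
	}
	return c, nil
```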