Page MenuHomeMiraheze
Paste P502

Theoretical lifecycle of custom domain requests with RequestSSL+Caddy
ActivePublic

Authored by OrangeStar on Feb 3 2024, 12:34.
1. User submits requests at Special:RequestSSL
2. DomainCheckJob is queued.
3. RequestSSLDomainCheckHook is executed in that job.
IF DOMAIN IS SUCCESSFULLY POINTED
1. ServerName is changed on-wiki.
2. Change a field in the database to indicate that certificate generation is good to go.
3. On first visit to new domain name, Caddy queries Special:RequestSSLIsCorrectlyPointed with the domain name in the GET parameters.
4. Seeing that it is good to go, certificate is generated.
DONE

Event Timeline

OrangeStar created this object in space S1 Public.

https://caddyserver.com/docs/caddyfile/options#on-demand-tls Caddy sends a ?domain=<domainname> GET parameter when querying whether it is okay to generate a certificate.

OrangeStar edited the content of this paste. (Show Details)