AutoTLS: allow fallback servers to not run on :80

2025-12-18 10:27:06 +00:00 · 2020-08-13 07:24:46 +03:00
parent 6ead1d21da
commit ff5e43f341
2 changed files with 5 additions and 3 deletions
--- a/core/host/supervisor.go
+++ b/core/host/supervisor.go
@@ -407,9 +407,11 @@ func (su *Supervisor) runTLS(getCertificate func(*tls.ClientHelloInfo) (*tls.Cer
 			} else {
 				if srv.Addr == "" {
 					srv.Addr = ":http"
-				} else if !su.manuallyTLS && srv.Addr != ":80" && srv.Addr != ":http" {
-					return fmt.Errorf("autotls: The HTTP-01 challenge relies on http://%s:80/.well-known/acme-challenge/", netutil.ResolveVHost(su.Server.Addr))
 				}
+				// } else if !su.manuallyTLS && srv.Addr != ":80" && srv.Addr != ":http" {
+				// 	hostname, _, _ := net.SplitHostPort(su.Server.Addr)
+				// 	return fmt.Errorf("autotls: The HTTP-01 challenge relies on http://%s:80/.well-known/acme-challenge/", hostname)
+				// }

 				if srv.Handler == nil {
 					// handler was nil, caller wanted to change the server's options like read/write timeout.
--- a/iris.go
+++ b/iris.go
@@ -614,7 +614,7 @@ var (
 	// a valid option when the caller wants just to customize the server's fields (except Addr).
 	// With this host configurator the caller can customize the server
 	// that letsencrypt relies to perform the challenge.
-	// LetsEncrypt Certification Manager relies on http://%s:80/.well-known/acme-challenge/<TOKEN>.
+	// LetsEncrypt Certification Manager relies on http://example.com/.well-known/acme-challenge/<TOKEN>.
 	AutoTLSNoRedirect = func(getFallbackServer func(acmeHandler func(fallback http.Handler) http.Handler) *http.Server) host.Configurator {
 		return func(su *host.Supervisor) {
 			su.NoRedirect()