git.kaiwu.me - haproxy.git/commit

author	William Lallemand <wlallemand@haproxy.com>
	Fri, 27 Mar 2026 11:18:47 +0000 (12:18 +0100)
committer	William Lallemand <wlallemand@haproxy.com>
	Mon, 30 Mar 2026 16:24:28 +0000 (18:24 +0200)
commit	2b0c510affce6a3470697e4848b983036711ed63
tree	2a522f046b31fde8d1f20ac8832d03be6625e092	tree \| snapshot
parent	631fd5f99b328bbac0378b235b7d0480fc9d4937	commit \| diff

MEDIUM: acme: new 'challenge-ready' option

The previous patch implemented the 'dns-check' option. This one replaces
it by a more generic 'challenge-ready' option, which allows the user to
chose the condition to validate the readiness of a challenge. It could
be 'cli', 'dns' or both.

When in dns-01 mode it's by default to 'cli' so the external tool used to
configure the TXT record can validate itself. If the tool does not
validate the TXT record, you can use 'cli,dns' so a DNS check would be
done after the CLI validated with 'challenge_ready'.

For an automated validation of the challenge, it should be set to 'dns',
this would check that the TXT record is right by itself.

include/haproxy/acme-t.h		diff \| blob \| history
src/acme.c		diff \| blob \| history