Just wondering when caddy requests the URL (defined in the “ask” query of the site block) whether a hostname should be allowed to get a certificate what it information it passes to such a backend for it to be checked?
Does it pass the domain in question via a query param (e.g http://example.com/allowed?domain=domain.com)? If not, how else am I able to check what domain has permissions for such in the backend?
Yep! The docs describe it exactly like that:
If Caddy needs to obtain or renew a certificate during a TLS handshake, it will perform a quick HTTP request to this URL to check if it should be allowed to try to get a certificate for the name in the “domain” query string parameter, like so:
?domain=example.com . The endpoint must return a 200 OK status if a certificate is allowed; anything else will cause it to be denied. Redirects are not followed.
This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.