[pmg-devel] [PATCH pmg-api] acme: allow wildcard domain entries
Stoiko Ivanov
s.ivanov at proxmox.com
Mon Apr 12 15:23:59 CEST 2021
Reported in our community forum [0], support for wildcard certificates
via ACME sounds like a good enhancement (especially for PMG).
In order for this to work you need to configure both:
* the wild-card subentry (*.domain.example)
* the base entry (domain.example)
as ACME domains (and be able to verify both of them via DNS Plugin)
Quickly tested with a domain of mine (and the powerdns plugin)
[0]
https://forum.proxmox.com/threads/feature-request-add-wildcard-support-for-acme.87495/
Signed-off-by: Stoiko Ivanov <s.ivanov at proxmox.com>
---
src/PMG/CertHelpers.pm | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/PMG/CertHelpers.pm b/src/PMG/CertHelpers.pm
index 5122f71..b7e79b7 100644
--- a/src/PMG/CertHelpers.pm
+++ b/src/PMG/CertHelpers.pm
@@ -57,7 +57,7 @@ PVE::JSONSchema::register_format('pmg-acme-domain', sub {
my $label = qr/[a-z0-9][a-z0-9_-]*/i;
- return $domain if $domain =~ /^$label(?:\.$label)+$/;
+ return $domain if $domain =~ /^(?:\*\.)?$label(?:\.$label)+$/;
return undef if $noerr;
die "value '$domain' does not look like a valid domain name!\n";
});
--
2.20.1
More information about the pmg-devel
mailing list