Fix Let's Encrypt http-01 challenge

jamesog · jamesog · commit 81dd4d017947 · 2019-02-16T15:13:54.000Z
I'm puzzled how this ever worked: Let's Encrypt http-01 challenges work
by hitting the webserver on HTTP to request a validation file.

Scan (somehow) used to be able to generate the cert without this
validation step happening, but that's stopped working.

This change adds the autocert handler into Chi's middleware list such
that if, on plain HTTP a Let's Encrypt challenge comes in, it's handled
properly to allow cert generation.
diff --git a/scan.go b/scan.go
@@ -804,7 +804,7 @@ func main() {
 		if *tlsHostname != "" {
 			m.HostPolicy = autocert.HostWhitelist(*tlsHostname)
 		}
-		middlewares = append(middlewares, redirectHTTPS)
+		middlewares = append(middlewares, m.HTTPHandler, redirectHTTPS)
 	}
 
 	r := setupRouter(middlewares...)

Original file line number	Diff line number	Diff line change
`@@ -804,7 +804,7 @@ func main() {`
`804`	`804`	`if *tlsHostname != "" {`
`805`	`805`	`m.HostPolicy = autocert.HostWhitelist(*tlsHostname)`
`806`	`806`	`}`
`807`		`- middlewares = append(middlewares, redirectHTTPS)`
	`807`	`+ middlewares = append(middlewares, m.HTTPHandler, redirectHTTPS)`
`808`	`808`	`}`
`809`	`809`
`810`	`810`	`r := setupRouter(middlewares...)`