// newHTTP builds the Responder for the "http-01" challenge type.
//
// It registers the responder's handler on a private ServeMux under the
// well-known ACME challenge path for rcfg.Token, then stores the key
// authorization bytes and the "http-01" challenge response obtained from
// acmeutils. An acmeutils error is returned unchanged with a nil Responder.
//
// NOTE(review): rcfg.Token is concatenated into the mux pattern without any
// validation in this function. An empty token leaves a pattern ending in "/",
// which ServeMux treats as a subtree match, and HandleFunc panics on a pattern
// it rejects. Confirm the token is checked (non-empty, base64url alphabet)
// before it reaches this constructor.
func newHTTP(rcfg Config) (Responder, error) {
	hr := &httpResponder{
		rcfg:                rcfg,
		serveMux:            http.NewServeMux(),
		requestDetectedChan: make(chan struct{}, 1),
		notifySupported:     true,
	}

	// Route the challenge path for this token to the responder's handler.
	const wellKnownPrefix = "/.well-known/acme-challenge/"
	hr.serveMux.HandleFunc(wellKnownPrefix+rcfg.Token, hr.handle)

	// Key authorization, kept as bytes on the responder.
	keyAuth, err := acmeutils.KeyAuthorization(rcfg.AccountKey, rcfg.Token)
	if err != nil {
		return nil, err
	}
	hr.ka = []byte(keyAuth)

	// Challenge response reported back for this challenge.
	if hr.validation, err = acmeutils.ChallengeResponseJSON(rcfg.AccountKey, rcfg.Token, "http-01"); err != nil {
		return nil, err
	}

	return hr, nil
}
// newDNSResponder builds the Responder for the "dns-01" challenge type.
//
// It computes the "dns-01" challenge response and the DNS key authorization
// string from rcfg.AccountKey and rcfg.Token via acmeutils and stores both on
// the responder. An acmeutils error is returned unchanged with a nil Responder.
//
// NOTE(review): rcfg.Token is passed through as-is; confirm it is validated
// before this constructor is called.
func newDNSResponder(rcfg Config) (Responder, error) {
	validation, err := acmeutils.ChallengeResponseJSON(rcfg.AccountKey, rcfg.Token, "dns-01")
	if err != nil {
		return nil, err
	}

	dnsString, err := acmeutils.DNSKeyAuthorization(rcfg.AccountKey, rcfg.Token)
	if err != nil {
		return nil, err
	}

	return &dnsResponder{
		rcfg:       rcfg,
		validation: validation,
		dnsString:  dnsString,
	}, nil
}
// newTLSSNIResponder builds the Responder for the "tls-sni-01" challenge type.
//
// It derives the validation hostname from rcfg.AccountKey and rcfg.Token,
// obtains a certificate and private key for that hostname from acmeutils,
// wraps them in a tls.Config, and stores the "tls-sni-01" challenge response.
// An acmeutils error is returned unchanged with a nil Responder.
//
// NOTE(review): tls-sni-01 was withdrawn from ACME and is not part of
// RFC 8555; tls-alpn-01 (RFC 8737) replaced it. Confirm whether this
// constructor is still reachable and treat it as legacy if so.
func newTLSSNIResponder(rcfg Config) (Responder, error) {
	tr := &tlssniResponder{
		rcfg:                rcfg,
		requestDetectedChan: make(chan struct{}, 1),
		stoppedChan:         make(chan struct{}),
		notifySupported:     true,
	}

	var err error

	// Hostname the validating server is expected to request.
	if tr.validationHostname, err = acmeutils.TLSSNIHostname(rcfg.AccountKey, rcfg.Token); err != nil {
		return nil, err
	}

	// Certificate and key generated for the validation hostname.
	if tr.cert, tr.privateKey, err = acmeutils.CreateTLSSNICertificate(tr.validationHostname); err != nil {
		return nil, err
	}

	// No MinVersion or other options are set, so crypto/tls defaults apply.
	tr.cfg = &tls.Config{
		Certificates: []tls.Certificate{{
			Certificate: [][]byte{tr.cert},
			PrivateKey:  tr.privateKey,
		}},
	}

	// Challenge response reported back for this challenge.
	if tr.validation, err = acmeutils.ChallengeResponseJSON(rcfg.AccountKey, rcfg.Token, "tls-sni-01"); err != nil {
		return nil, err
	}

	return tr, nil
}