fix(certificate-manager, smart-proxy): Fix race condition in ACME certificate provisioning and refactor certificate manager initialization to defer provisioning until after port listeners are active
This commit is contained in:
10
readme.md
10
readme.md
@ -1481,8 +1481,11 @@ HttpProxy now supports full route-based configuration including:
|
||||
- Enable `enableDetailedLogging` or `enableTlsDebugLogging` for debugging
|
||||
|
||||
### ACME HTTP-01 Challenges
|
||||
- If ACME HTTP-01 challenges fail on port 80, ensure port 80 is included in `useHttpProxy`
|
||||
- Since v19.3.8, non-TLS connections on ports listed in `useHttpProxy` are properly forwarded to HttpProxy
|
||||
- If ACME HTTP-01 challenges fail, ensure:
|
||||
1. Port 80 (or configured ACME port) is included in `useHttpProxy`
|
||||
2. You're using SmartProxy v19.3.9+ for proper timing (ports must be listening before provisioning)
|
||||
- Since v19.3.8: Non-TLS connections on ports listed in `useHttpProxy` are properly forwarded to HttpProxy
|
||||
- Since v19.3.9: Certificate provisioning waits for ports to be ready before starting ACME challenges
|
||||
- Example configuration for ACME on port 80:
|
||||
```typescript
|
||||
const proxy = new SmartProxy({
|
||||
@ -1495,6 +1498,9 @@ HttpProxy now supports full route-based configuration including:
|
||||
routes: [/* your routes */]
|
||||
});
|
||||
```
|
||||
- Common issues:
|
||||
- "Connection refused" during challenges → Update to v19.3.9+ for timing fix
|
||||
- HTTP requests not parsed → Ensure port is in `useHttpProxy` array
|
||||
|
||||
### NFTables Integration
|
||||
- Ensure NFTables is installed: `apt install nftables` or `yum install nftables`
|
||||
|
||||
Reference in New Issue
Block a user