-
Notifications
You must be signed in to change notification settings - Fork 6
/
Copy pathACME_http-01.config.merge.tmsh
31 lines (31 loc) · 1.29 KB
/
ACME_http-01.config.merge.tmsh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
ltm rule ACME_http-01 {
# Responds to ACME HTTP-01 challenge verification requests by an ACME CA
priority 2
when RULE_INIT {
set static::ACME_http-01_validator_class {ACME_http-01}
set static::ACME_http-01_error_response {<html><body><h1>503 - Error</h1><p>Content not found.</p></body></html>}
}
when HTTP_REQUEST {
if { [string tolower [HTTP::uri]] starts_with {/.well-known/acme-challenge/}
and [class match [HTTP::uri] ends_with ${static::ACME_http-01_validator_class}] != {} } {
set response_content [class lookup [substr [HTTP::uri] 28] ${static::ACME_http-01_validator_class}]
if { ${response_content} != {} } {
HTTP::respond 200 -version auto content ${response_content} noserver Content-Type {text/plain} Content-Length [string length ${response_content}] Cache-Control no-store
} else {
HTTP::respond 503 -version auto content ${static::ACME_http-01_error_response} noserver Content-Type {text/html} Content-Length [string length ${static::ACME_http-01_error_response}] Cache-Control no-store
}
unset response_content
event disable all
return
}
}
}
ltm data-group internal ACME_http-01 {
description "ACME HTTP-01 challenge response KVPs, used by iRule ACME_http-01"
records {
test {
data "1234"
}
}
type string
}