From: William Lallemand Date: Thu, 23 Oct 2025 09:01:13 +0000 (+0200) Subject: MINOR: acme: display the complete challenge_ready command in the logs X-Git-Tag: v3.3-dev11~55 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=d0f9515e5c13d24a4aaa0a100acb300f3c3daa28;p=thirdparty%2Fhaproxy.git MINOR: acme: display the complete challenge_ready command in the logs When using a wildcard DNS domain in the ACME configuration, for example *.example.com, one might think that it needs to use the challenge_ready command with this domain. But that's not the case, the challenge_ready command takes the domain asked by the ACME server, which is stripped of the wildcard. In order to be clearer, the log message shows exactly the command the user should sent, which is clearer. --- diff --git a/src/acme.c b/src/acme.c index 6e9760829..ffc8ad7ec 100644 --- a/src/acme.c +++ b/src/acme.c @@ -1699,8 +1699,8 @@ int acme_res_auth(struct task *task, struct acme_ctx *ctx, struct acme_auth *aut goto error; } - send_log(NULL, LOG_NOTICE,"acme: %s: dns-01 requires to set the \"_acme-challenge.%.*s\" TXT record to \"%.*s\" and use the \"acme challenge_ready\" command over the CLI\n", - ctx->store->path, (int)auth->dns.len, auth->dns.ptr, (int)trash.data, trash.area); + send_log(NULL, LOG_NOTICE,"acme: %s: dns-01 requires to set the \"_acme-challenge.%.*s\" TXT record to \"%.*s\" and use the \"acme challenge_ready %s domain %.*s\" command over the CLI\n", + ctx->store->path, (int)auth->dns.len, auth->dns.ptr, (int)trash.data, trash.area, ctx->store->path, (int)auth->dns.len, auth->dns.ptr); /* dump to the "dpapi" sink */ line[nmsg++] = ist("acme deploy ");