From 26093121a33fb6f84c21ffb21e70a9432a63e70e Mon Sep 17 00:00:00 2001 From: William Lallemand Date: Fri, 21 Nov 2025 12:10:21 +0100 Subject: [PATCH] BUG/MINOR: acme: handle multiple auth with the same name In case of the dns-01 challenge, it is possible to have a domain "example.com" and "*.example.com" in the same request. This will create 2 different auth objects, which need 2 different challenges. However the associated domain is "example.com" for both auth objects. When doing a "challenge_ready", the algorithm will break at the first domain found. But since you can have multiple time the same domain in this case, breaking at the first one prevent to have all auth objects in a ready state. This patch just remove the break so we can loop on every auth objects. Must be backported to 3.2. --- src/acme.c | 1 - 1 file changed, 1 deletion(-) diff --git a/src/acme.c b/src/acme.c index f649ba72f..787f3612e 100644 --- a/src/acme.c +++ b/src/acme.c @@ -2890,7 +2890,6 @@ static int cli_acme_chall_ready_parse(char **args, char *payload, struct appctx } else { memprintf(&errmsg, "ACME challenge for crt \"%s\" and dns \"%s\" was already READY !\n", crt, dns); } - break; } auth = auth->next; }