admin: Require identity for remote (fix #4478)

caddyserver · Jan 6, 2022 · b4bfa29 · b4bfa29
1 parent 6cadb60
commit b4bfa29
Showing 1 changed file with 3 additions and 0 deletions.
diff --git a/admin.go b/admin.go
@@ -466,6 +466,9 @@ func replaceRemoteAdminServer(ctx Context, cfg *Config) error {
 	}
 
 	// create TLS config that will enforce mutual authentication
+	if identityCertCache == nil {
+		return fmt.Errorf("cannot enable remote admin without a certificate cache; configure identity management to initialize a certificate cache")
+	}
 	cmCfg := cfg.Admin.Identity.certmagicConfig(remoteLogger, false)
 	tlsConfig := cmCfg.TLSConfig()
 	tlsConfig.NextProtos = nil // this server does not solve ACME challenges