From f68ea660064edd008e5906fd27df6a95b8c98c12 Mon Sep 17 00:00:00 2001
From: "backport-actions-token[bot]"
 <87506591+backport-actions-token[bot]@users.noreply.github.com>
Date: Fri, 16 Dec 2022 13:49:44 -0700
Subject: [PATCH] autocert: use atomic pointer to allow nil (#3817)

autocert: use atomic pointer to allow nil (#3816)

Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
---
 internal/autocert/manager.go | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/internal/autocert/manager.go b/internal/autocert/manager.go
index 4d809099d..750f4c566 100644
--- a/internal/autocert/manager.go
+++ b/internal/autocert/manager.go
@@ -11,6 +11,7 @@ import (
 	"net/http"
 	"sort"
 	"sync"
+	"sync/atomic"
 	"time"
 
 	"github.com/caddyserver/certmagic"
@@ -19,7 +20,6 @@ import (
 	"go.uber.org/zap"
 
 	"github.com/pomerium/pomerium/config"
-	"github.com/pomerium/pomerium/internal/atomicutil"
 	"github.com/pomerium/pomerium/internal/httputil"
 	"github.com/pomerium/pomerium/internal/log"
 	"github.com/pomerium/pomerium/internal/telemetry/metrics"
@@ -48,7 +48,7 @@ type Manager struct {
 	mu                  sync.RWMutex
 	config              *config.Config
 	certmagic           *certmagic.Config
-	acmeMgr             *atomicutil.Value[*certmagic.ACMEIssuer]
+	acmeMgr             atomic.Pointer[certmagic.ACMEIssuer]
 	srv                 *http.Server
 	acmeTLSALPNListener net.Listener
 
@@ -90,7 +90,6 @@ func newManager(ctx context.Context,
 	mgr := &Manager{
 		src:          src,
 		acmeTemplate: acmeTemplate,
-		acmeMgr:      atomicutil.NewValue(new(certmagic.ACMEIssuer)),
 		certmagic:    certmagicConfig,
 		ocspCache:    ocspRespCache,
 	}
@@ -265,6 +264,7 @@ func (mgr *Manager) renewCert(ctx context.Context, domain string, cert certmagic
 
 func (mgr *Manager) updateAutocert(ctx context.Context, cfg *config.Config) error {
 	if !cfg.Options.AutocertOptions.Enable {
+		mgr.acmeMgr.Store(nil)
 		return nil
 	}