summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJonathan Garcia <116393282+joga84@users.noreply.github.com>2022-11-08 20:13:46 +0100
committerGitHub <noreply@github.com>2022-11-08 12:13:46 -0700
commit33fdea8f261c306a47b07a6df2c3cb8fe2ad2d5d (patch)
tree53d2146515013be2decfdc9ac93e780b1158ef8d
parent6efd1b3bb1217841269e67930cba33992fb96930 (diff)
caddypki: Prefer user-configured root instead of generating new one (#5189)
instead of generating a new root certificate at the default location load the certificate from the configuration. fixes: #5181
-rw-r--r--modules/caddypki/ca.go3
1 files changed, 3 insertions, 0 deletions
diff --git a/modules/caddypki/ca.go b/modules/caddypki/ca.go
index 41e78a6..acf8d14 100644
--- a/modules/caddypki/ca.go
+++ b/modules/caddypki/ca.go
@@ -240,6 +240,9 @@ func (ca *CA) NewAuthority(authorityConfig AuthorityConfig) (*authority.Authorit
}
func (ca CA) loadOrGenRoot() (rootCert *x509.Certificate, rootKey any, err error) {
+ if ca.Root != nil {
+ return ca.Root.Load()
+ }
rootCertPEM, err := ca.storage.Load(ca.ctx, ca.storageKeyRootCert())
if err != nil {
if !errors.Is(err, fs.ErrNotExist) {