diff options
author | bit <j@mailb.org> | 2022-11-23 18:48:37 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-11-23 11:48:37 -0700 |
commit | ac96455a9a6ac34eb8ea95339838038e725f5bee (patch) | |
tree | c0e08839183afa1754268289a9d22040fca28c4d | |
parent | ee7c92ec9b57c671c9091ff993b1a24251020c25 (diff) |
admin: fix certificate renewal for admin (#5169)
certmagic.New takes a template and returns pointer to the new config.
GetConfigForCert later must return a pointer to the new config not the
template.
fixes #5162
-rw-r--r-- | admin.go | 6 |
1 files changed, 4 insertions, 2 deletions
@@ -572,12 +572,13 @@ func replaceRemoteAdminServer(ctx Context, cfg *Config) error { } func (ident *IdentityConfig) certmagicConfig(logger *zap.Logger, makeCache bool) *certmagic.Config { + var cmCfg *certmagic.Config if ident == nil { // user might not have configured identity; that's OK, we can still make a // certmagic config, although it'll be mostly useless for remote management ident = new(IdentityConfig) } - cmCfg := &certmagic.Config{ + template := certmagic.Config{ Storage: DefaultStorage, // do not act as part of a cluster (this is for the server's local identity) Logger: logger, Issuers: ident.issuers, @@ -589,7 +590,8 @@ func (ident *IdentityConfig) certmagicConfig(logger *zap.Logger, makeCache bool) }, }) } - return certmagic.New(identityCertCache, *cmCfg) + cmCfg = certmagic.New(identityCertCache, template) + return cmCfg } // IdentityCredentials returns this instance's configured, managed identity credentials |