authorKyle McCullough <kylemcc@gmail.com>2022-12-05 23:12:26 -0800
committerGitHub <noreply@github.com>2022-12-06 00:12:26 -0700
commitbfaf2a8201b83d7369772cb6f2439abe66d9342a (patch)
tree6be62eee5163d018dcf2214c77195abeda280ea9 /caddyconfig
parentfef9cb3e05ea071cdfd9ed1a6be5c8dcabf6603e (diff)
acme_server: Configurable default lifetime for issued certificates (#5232)
* acme_server: add certificate lifetime configuration option Signed-off-by: Kyle McCullough <kylemcc@gmail.com> * pki: allow intermediate cert lifetime to be configured Signed-off-by: Kyle McCullough <kylemcc@gmail.com> Signed-off-by: Kyle McCullough <kylemcc@gmail.com>
Diffstat (limited to 'caddyconfig')
-rw-r--r--caddyconfig/httpcaddyfile/pkiapp.go18
1 files changed, 15 insertions, 3 deletions
diff --git a/caddyconfig/httpcaddyfile/pkiapp.go b/caddyconfig/httpcaddyfile/pkiapp.go
index a67ac99..3414636 100644
--- a/caddyconfig/httpcaddyfile/pkiapp.go
+++ b/caddyconfig/httpcaddyfile/pkiapp.go
@@ -15,6 +15,7 @@
package httpcaddyfile
import (
+ "github.com/caddyserver/caddy/v2"
"github.com/caddyserver/caddy/v2/caddyconfig"
"github.com/caddyserver/caddy/v2/caddyconfig/caddyfile"
"github.com/caddyserver/caddy/v2/modules/caddypki"
@@ -28,9 +29,10 @@ func init() {
//
// pki {
// ca [<id>] {
-// name <name>
-// root_cn <name>
-// intermediate_cn <name>
+// name <name>
+// root_cn <name>
+// intermediate_cn <name>
+// intermediate_lifetime <duration>
// root {
// cert <path>
// key <path>
@@ -83,6 +85,16 @@ func parsePKIApp(d *caddyfile.Dispenser, existingVal any) (any, error) {
}
pkiCa.IntermediateCommonName = d.Val()
+ case "intermediate_lifetime":
+ if !d.NextArg() {
+ return nil, d.ArgErr()
+ }
+ dur, err := caddy.ParseDuration(d.Val())
+ if err != nil {
+ return nil, err
+ }
+ pkiCa.IntermediateLifetime = caddy.Duration(dur)
+
case "root":
if pkiCa.Root == nil {
pkiCa.Root = new(caddypki.KeyPair)
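Review bot: The new `intermediate_lifetime` case stores the parsed value with no range check, so a zero or negative duration (which the parser presumably accepts, as Go's `time.ParseDuration` does) would pass config adaptation. A guard right after the parse, `if dur <= 0 { return nil, d.Errf("intermediate_lifetime must be positive, got %s", d.Val()) }`, would reject it with the Caddyfile position attached; for the same reason `return nil, err` could become `return nil, d.Errf("parsing intermediate_lifetime: %v", err)`. This diff is limited to caddyconfig, so whether caddypki enforces an upper bound relative to the root certificate's lifetime is not visible here. That is worth confirming, because an intermediate signing certificate that stays valid longer than intended lengthens the window in which a compromised key remains usable. parsePKIApp's body starts and ends outside the hunk.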