diff options
| author | Mariano Cano <mariano.cano@gmail.com> | 2022-11-23 19:47:42 -0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-11-23 20:47:42 -0700 |
| commit | 6f8fe01da170f6e4be09f85ea952c3e0d89f64db (patch) | |
| tree | b23418b9475e6d028b277737c81a0cf23a9c7387 /modules/caddypki/ca.go | |
| parent | ac96455a9a6ac34eb8ea95339838038e725f5bee (diff) | |
caddypki: Use go.step.sm/crypto to generate the PKI (#5217)
This commit replaces the use of github.com/smallstep/cli to generate the
root and intermediate certificates and uses go.step.sm/crypto instead.
It also upgrades the version of github.com/smallstep/certificates to the
latest version.
Diffstat (limited to 'modules/caddypki/ca.go')
| -rw-r--r-- | modules/caddypki/ca.go | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/modules/caddypki/ca.go b/modules/caddypki/ca.go index acf8d14..914eddf 100644 --- a/modules/caddypki/ca.go +++ b/modules/caddypki/ca.go @@ -121,7 +121,7 @@ func (ca *CA) Provision(ctx caddy.Context, id string, log *zap.Logger) error { // load the certs and key that will be used for signing var rootCert, interCert *x509.Certificate - var rootKey, interKey any + var rootKey, interKey crypto.Signer var err error if ca.Root != nil { if ca.Root.Format == "" || ca.Root.Format == "pem_file" { @@ -239,7 +239,7 @@ func (ca *CA) NewAuthority(authorityConfig AuthorityConfig) (*authority.Authorit return auth, nil } -func (ca CA) loadOrGenRoot() (rootCert *x509.Certificate, rootKey any, err error) { +func (ca CA) loadOrGenRoot() (rootCert *x509.Certificate, rootKey crypto.Signer, err error) { if ca.Root != nil { return ca.Root.Load() } @@ -276,7 +276,7 @@ func (ca CA) loadOrGenRoot() (rootCert *x509.Certificate, rootKey any, err error return rootCert, rootKey, nil } -func (ca CA) genRoot() (rootCert *x509.Certificate, rootKey any, err error) { +func (ca CA) genRoot() (rootCert *x509.Certificate, rootKey crypto.Signer, err error) { repl := ca.newReplacer() rootCert, rootKey, err = generateRoot(repl.ReplaceAll(ca.RootCommonName, "")) @@ -303,7 +303,7 @@ func (ca CA) genRoot() (rootCert *x509.Certificate, rootKey any, err error) { return rootCert, rootKey, nil } -func (ca CA) loadOrGenIntermediate(rootCert *x509.Certificate, rootKey crypto.PrivateKey) (interCert *x509.Certificate, interKey crypto.PrivateKey, err error) { +func (ca CA) loadOrGenIntermediate(rootCert *x509.Certificate, rootKey crypto.Signer) (interCert *x509.Certificate, interKey crypto.Signer, err error) { interCertPEM, err := ca.storage.Load(ca.ctx, ca.storageKeyIntermediateCert()) if err != nil { if !errors.Is(err, fs.ErrNotExist) { @@ -338,7 +338,7 @@ func (ca CA) loadOrGenIntermediate(rootCert *x509.Certificate, rootKey crypto.Pr return interCert, interKey, nil } -func (ca CA) genIntermediate(rootCert *x509.Certificate, rootKey crypto.PrivateKey) (interCert *x509.Certificate, interKey crypto.PrivateKey, err error) { +func (ca CA) genIntermediate(rootCert *x509.Certificate, rootKey crypto.Signer) (interCert *x509.Certificate, interKey crypto.Signer, err error) { repl := ca.newReplacer() interCert, interKey, err = generateIntermediate(repl.ReplaceAll(ca.IntermediateCommonName, ""), rootCert, rootKey) |