acme_server: Configurable default lifetime for issued certificates (#5232)

* acme_server: add certificate lifetime configuration option Signed-off-by: Kyle McCullough <kylemcc@gmail.com> * pki: allow intermediate cert lifetime to be configured Signed-off-by: Kyle McCullough <kylemcc@gmail.com> Signed-off-by: Kyle McCullough <kylemcc@gmail.com>
author: Kyle McCullough <kylemcc@gmail.com> 2022-12-05 23:12:26 -0800
committer: GitHub <noreply@github.com> 2022-12-06 00:12:26 -0700
commit: bfaf2a8201b83d7369772cb6f2439abe66d9342a (patch)
tree: 6be62eee5163d018dcf2214c77195abeda280ea9 /modules/caddypki/certificates.go
parent: fef9cb3e05ea071cdfd9ed1a6be5c8dcabf6603e (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/modules/caddypki/certificates.go b/modules/caddypki/certificates.go
index c3b88a1..e300429 100644
--- a/modules/caddypki/certificates.go
+++ b/modules/caddypki/certificates.go
@@ -35,8 +35,8 @@ func generateRoot(commonName string) (*x509.Certificate, crypto.Signer, error) {
 	return root, signer, nil
 }
 
-func generateIntermediate(commonName string, rootCrt *x509.Certificate, rootKey crypto.Signer) (*x509.Certificate, crypto.Signer, error) {
-	template, signer, err := newCert(commonName, x509util.DefaultIntermediateTemplate, defaultIntermediateLifetime)
+func generateIntermediate(commonName string, rootCrt *x509.Certificate, rootKey crypto.Signer, lifetime time.Duration) (*x509.Certificate, crypto.Signer, error) {
+	template, signer, err := newCert(commonName, x509util.DefaultIntermediateTemplate, lifetime)
 	if err != nil {
 		return nil, nil, err
 	}
author	Kyle McCullough <kylemcc@gmail.com>	2022-12-05 23:12:26 -0800
committer	GitHub <noreply@github.com>	2022-12-06 00:12:26 -0700
commit	bfaf2a8201b83d7369772cb6f2439abe66d9342a (patch)
tree	6be62eee5163d018dcf2214c77195abeda280ea9 /modules/caddypki/certificates.go
parent	fef9cb3e05ea071cdfd9ed1a6be5c8dcabf6603e (diff)