summaryrefslogtreecommitdiff
path: root/modules/caddypki
diff options
context:
space:
mode:
authorMatthew Holt <mholt@users.noreply.github.com>2020-05-06 16:02:21 -0600
committerMatthew Holt <mholt@users.noreply.github.com>2020-05-06 16:02:21 -0600
commit8dbc5f70a51aa17fa1ec9c2a34361d0b5d3ccae5 (patch)
treeb046851ea37227b546dc096b499ad0c9ea39955c /modules/caddypki
parent07c6076ea0b3acf30be5ca200b9ee5b84b1a2e0d (diff)
Update dependencies and get rid of placeholder hacks in CA code
With the latest commit on smallstep/certificates, placeholders in config are no longer needed.
Diffstat (limited to 'modules/caddypki')
-rw-r--r--modules/caddypki/ca.go23
1 files changed, 5 insertions, 18 deletions
diff --git a/modules/caddypki/ca.go b/modules/caddypki/ca.go
index 610e7f6..641f006 100644
--- a/modules/caddypki/ca.go
+++ b/modules/caddypki/ca.go
@@ -176,23 +176,6 @@ func (ca CA) IntermediateKey() interface{} {
// NewAuthority returns a new Smallstep-powered signing authority for this CA.
func (ca CA) NewAuthority(authorityConfig AuthorityConfig) (*authority.Authority, error) {
- cfg := &authority.Config{
- // TODO: eliminate these placeholders / needless values
- // see https://github.com/smallstep/certificates/issues/218
- Address: "placeholder_Address:1",
- Root: []string{"placeholder_Root"},
- IntermediateCert: "placeholder_IntermediateCert",
- IntermediateKey: "placeholder_IntermediateKey",
- DNSNames: []string{"placeholder_DNSNames"},
-
- AuthorityConfig: authorityConfig.AuthConfig,
- DB: authorityConfig.DB,
- }
- // TODO: this also seems unnecessary, see above issue
- if cfg.AuthorityConfig == nil {
- cfg.AuthorityConfig = new(authority.AuthConfig)
- }
-
// get the root certificate and the issuer cert+key
rootCert := ca.RootCertificate()
var issuerCert *x509.Certificate
@@ -209,7 +192,11 @@ func (ca CA) NewAuthority(authorityConfig AuthorityConfig) (*authority.Authority
issuerKey = ca.IntermediateKey()
}
- auth, err := authority.New(cfg,
+ auth, err := authority.NewEmbedded(
+ authority.WithConfig(&authority.Config{
+ AuthorityConfig: authorityConfig.AuthConfig,
+ DB: authorityConfig.DB,
+ }),
authority.WithX509Signer(issuerCert, issuerKey.(crypto.Signer)),
authority.WithX509RootCerts(rootCert),
)