author | Francis Lavoie <lavofr@gmail.com> | 2021-12-13 14:25:35 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-12-13 12:25:35 -0700 |
commit | c04d24cafa60e522842d5188587ab07af2082e9b (patch) | |
tree | 47037af1a6cee638f054f3b3e4a9358970f5266a /modules/caddytls | |
parent | 81ee34e9623c3ac630f46c81a26e7823d0b2bf7b (diff) |
pki: Avoid provisioning the `local` CA when not necessary (#4463)
* pki: Avoid provisioning the `local` CA when not necessary
* pki: Refactor CA loading to keep the logic in the PKI app
Diffstat (limited to 'modules/caddytls')
-rw-r--r-- | modules/caddytls/internalissuer.go | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/modules/caddytls/internalissuer.go b/modules/caddytls/internalissuer.go
index 7a25f6d..d9b6117 100644
--- a/modules/caddytls/internalissuer.go
+++ b/modules/caddytls/internalissuer.go
@@ -19,7 +19,6 @@ import (
 "context"
 "crypto/x509"
 "encoding/pem"
- "fmt"
 "time"
 "github.com/caddyserver/caddy/v2"
@@ -68,18 +67,20 @@ func (InternalIssuer) CaddyModule() caddy.ModuleInfo {
 func (iss *InternalIssuer) Provision(ctx caddy.Context) error {
 iss.logger = ctx.Logger(iss)
+ // set some defaults
+ if iss.CA == "" {
+ iss.CA = caddypki.DefaultCAID
+ }
+ // get a reference to the configured CA
 appModule, err := ctx.App("pki")
 if err != nil {
 return err
 }
 pkiApp := appModule.(*caddypki.PKI)
- if iss.CA == "" {
- iss.CA = caddypki.DefaultCAID
- }
- ca, ok := pkiApp.CAs[iss.CA]
- if !ok {
- return fmt.Errorf("no certificate authority configured with id: %s", iss.CA)
+ ca, err := pkiApp.GetCA(iss.CA, &ctx)
+ if err != nil {
+ return err
 }
 iss.ca = ca |
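Review bot: The new lookup `ca, err := pkiApp.GetCA(iss.CA, &ctx)` in Provision replaces a hard failure for any id missing from `pkiApp.CAs`, and nothing in this hunk shows whether GetCA still rejects an unconfigured id other than `caddypki.DefaultCAID`. If it creates a CA on demand for any id, a mistyped `ca` value would issue certificates from an unintended root instead of failing at provision time. GetCA is defined outside this diff, so the contract is worth stating at the call site, for example `// GetCA lazily provisions only the default CA; any other unconfigured id must return an error`, and covering with a test that uses an unknown id. The bare `return err` also drops the CA id that the removed message carried, unless GetCA's error already names it. Provision's body continues past the end of the hunk.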