authorFrancis Lavoie <lavofr@gmail.com>2021-12-13 14:25:35 -0500
committerGitHub <noreply@github.com>2021-12-13 12:25:35 -0700
commitc04d24cafa60e522842d5188587ab07af2082e9b (patch)
tree47037af1a6cee638f054f3b3e4a9358970f5266a /modules/caddytls
parent81ee34e9623c3ac630f46c81a26e7823d0b2bf7b (diff)
pki: Avoid provisioning the `local` CA when not necessary (#4463)
* pki: Avoid provisioning the `local` CA when not necessary * pki: Refactor CA loading to keep the logic in the PKI app
Diffstat (limited to 'modules/caddytls')
-rw-r--r--modules/caddytls/internalissuer.go15
1 files changed, 8 insertions, 7 deletions
diff --git a/modules/caddytls/internalissuer.go b/modules/caddytls/internalissuer.go
index 7a25f6d..d9b6117 100644
--- a/modules/caddytls/internalissuer.go
+++ b/modules/caddytls/internalissuer.go
@@ -19,7 +19,6 @@ import (
"context"
"crypto/x509"
"encoding/pem"
- "fmt"
"time"
"github.com/caddyserver/caddy/v2"
@@ -68,18 +67,20 @@ func (InternalIssuer) CaddyModule() caddy.ModuleInfo {
func (iss *InternalIssuer) Provision(ctx caddy.Context) error {
iss.logger = ctx.Logger(iss)
+ // set some defaults
+ if iss.CA == "" {
+ iss.CA = caddypki.DefaultCAID
+ }
+
// get a reference to the configured CA
appModule, err := ctx.App("pki")
if err != nil {
return err
}
pkiApp := appModule.(*caddypki.PKI)
- if iss.CA == "" {
- iss.CA = caddypki.DefaultCAID
- }
- ca, ok := pkiApp.CAs[iss.CA]
- if !ok {
- return fmt.Errorf("no certificate authority configured with id: %s", iss.CA)
+ ca, err := pkiApp.GetCA(iss.CA, &ctx)
+ if err != nil {
+ return err
}
iss.ca = ca
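Review bot: The error from `pkiApp.GetCA(iss.CA, &ctx)` near the end of the hunk is returned bare, so whether the operator still sees which CA id failed (as the removed `fmt.Errorf` guaranteed) now depends entirely on GetCA, whose body is not in this diff. Because this issuer signs certificates with whichever CA that lookup yields, a mistyped or unconfigured `ca` id should fail identifiably at this call site; consider keeping the `fmt` import and returning `fmt.Errorf("internal issuer: getting CA %q: %w", iss.CA, err)`. A comment above the call would also help, for example `// GetCA may provision the default CA on demand; any other unknown id must still be an error`, assuming that is GetCA's contract, which should be confirmed against the PKI app. Provision's body continues past the end of the hunk.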