summaryrefslogtreecommitdiff
path: root/caddyconfig/httpcaddyfile/pkiapp.go
diff options
context:
space:
mode:
Diffstat (limited to 'caddyconfig/httpcaddyfile/pkiapp.go')
-rw-r--r--caddyconfig/httpcaddyfile/pkiapp.go20
1 files changed, 20 insertions, 0 deletions
diff --git a/caddyconfig/httpcaddyfile/pkiapp.go b/caddyconfig/httpcaddyfile/pkiapp.go
index 3abcc6b..a21951d 100644
--- a/caddyconfig/httpcaddyfile/pkiapp.go
+++ b/caddyconfig/httpcaddyfile/pkiapp.go
@@ -27,15 +27,35 @@ func (st ServerType) buildPKIApp(
pkiApp := &caddypki.PKI{CAs: make(map[string]*caddypki.CA)}
+ skipInstallTrust := false
+ if _, ok := options["skip_install_trust"]; ok {
+ skipInstallTrust = true
+ }
+ falseBool := false
+
for _, p := range pairings {
for _, sblock := range p.serverBlocks {
// find all the CAs that were defined and add them to the app config
+ // i.e. from any "acme_server" directives
for _, caCfgValue := range sblock.pile["pki.ca"] {
ca := caCfgValue.Value.(*caddypki.CA)
+ if skipInstallTrust {
+ ca.InstallTrust = &falseBool
+ }
pkiApp.CAs[ca.ID] = ca
}
}
}
+ // if there was no CAs defined in any of the servers,
+ // and we were requested to not install trust, then
+ // add one for the default/local CA to do so
+ if len(pkiApp.CAs) == 0 && skipInstallTrust {
+ ca := new(caddypki.CA)
+ ca.ID = caddypki.DefaultCAID
+ ca.InstallTrust = &falseBool
+ pkiApp.CAs[ca.ID] = ca
+ }
+
return pkiApp, warnings, nil
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-11 06:19:17 +0000