From 33fdea8f261c306a47b07a6df2c3cb8fe2ad2d5d Mon Sep 17 00:00:00 2001
From: Jonathan Garcia <116393282+joga84@users.noreply.github.com>
Date: Tue, 8 Nov 2022 20:13:46 +0100
Subject: caddypki: Prefer user-configured root instead of generating new one (#5189)

instead of generating a new root certificate at the default location load the certificate from the configuration.

fixes: #5181
---
 modules/caddypki/ca.go | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/modules/caddypki/ca.go b/modules/caddypki/ca.go
index 41e78a6..acf8d14 100644
--- a/modules/caddypki/ca.go
+++ b/modules/caddypki/ca.go
@@ -240,6 +240,9 @@ func (ca *CA) NewAuthority(authorityConfig AuthorityConfig) (*authority.Authorit
 }
 
 func (ca CA) loadOrGenRoot() (rootCert *x509.Certificate, rootKey any, err error) {
+ if ca.Root != nil {
+ return ca.Root.Load()
+ }
 rootCertPEM, err := ca.storage.Load(ca.ctx, ca.storageKeyRootCert())
 if err != nil {
 if !errors.Is(err, fs.ErrNotExist) {
-- 
cgit v1.2.3
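Review bot: The added early return in loadOrGenRoot hands back whatever `ca.Root.Load()` yields with no check in this function, so an operator-supplied file that is not a CA certificate would become the root of trust silently, and a load failure surfaces without saying it came from the configured root rather than from storage. Load's body is not part of this hunk, so it may already validate some of this; if it does not, binding the results, wrapping the error and rejecting a certificate whose `IsCA` is false keeps the failure next to the configuration mistake. The sketch below assumes `fmt` is already imported in ca.go. A doc comment stating the new precedence would also help, for example `// loadOrGenRoot returns the user-configured root when ca.Root is set; otherwise it loads the root from storage.` The rest of the function lies outside the hunk.

```go
func (ca CA) loadOrGenRoot() (rootCert *x509.Certificate, rootKey any, err error) {
	if ca.Root != nil {
		rootCert, rootKey, err = ca.Root.Load()
		if err != nil {
			return nil, nil, fmt.Errorf("loading configured root: %w", err)
		}
		// A configured root that cannot sign other certificates is a
		// configuration mistake; report it here instead of at issuance time.
		if rootCert == nil || !rootCert.IsCA {
			return nil, nil, errors.New("configured root certificate is not a CA certificate")
		}
		return rootCert, rootKey, nil
	}
	// … unchanged: load the root certificate from storage …
```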