Use a token at start time to configure linkedca.
Instead of using `step-ca login` we will use a new token provided as a flag to configure and start linkedca. Certificates will be kept in memory and refreshed automatically.
This commit is contained in:
Mariano Cano
parent
dd9850ce4c
commit
8fb5340dc9
7 changed files with 399 additions and 85 deletions
|
|
@ -38,6 +38,10 @@ certificate issuer private key used in the RA mode.`,
|
|||
Name: "resolver",
|
||||
Usage: "address of a DNS resolver to be used instead of the default.",
|
||||
},
|
||||
cli.StringFlag{
|
||||
Name: "token",
|
||||
Usage: "token used to enable the linked ca.",
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
|
|
@ -46,6 +50,7 @@ func appAction(ctx *cli.Context) error {
|
|||
passFile := ctx.String("password-file")
|
||||
issuerPassFile := ctx.String("issuer-password-file")
|
||||
resolver := ctx.String("resolver")
|
||||
token := ctx.String("token")
|
||||
|
||||
// If zero cmd line args show help, if >1 cmd line args show error.
|
||||
if ctx.NArg() == 0 {
|
||||
|
|
@ -88,7 +93,8 @@ func appAction(ctx *cli.Context) error {
|
|||
srv, err := ca.New(config,
|
||||
ca.WithConfigFile(configFile),
|
||||
ca.WithPassword(password),
|
||||
ca.WithIssuerPassword(issuerPassword))
|
||||
ca.WithIssuerPassword(issuerPassword),
|
||||
ca.WithLinkedCAToken(token))
|
||||
if err != nil {
|
||||
fatal(err)
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue