forked from TrueCloudLab/certificates
Progress?
This commit is contained in:
Carl Tashian
parent
ef9e31cd92
commit
055e75f394
2 changed files with 32 additions and 8 deletions
|
|
@ -80,6 +80,14 @@ type Authority struct {
|
|||
adminMutex sync.RWMutex
|
||||
}
|
||||
|
||||
type AuthorityInfo struct {
|
||||
StartTime time.Time
|
||||
RootX509Certs []*x509.Certificate
|
||||
SSHCAUserCerts []ssh.PublicKey
|
||||
SSHCAHostCerts []ssh.PublicKey
|
||||
}
|
||||
|
||||
|
||||
// New creates and initiates a new Authority type.
|
||||
func New(cfg *config.Config, opts ...Option) (*Authority, error) {
|
||||
err := cfg.Validate()
|
||||
|
|
@ -311,7 +319,6 @@ func (a *Authority) init() error {
|
|||
for _, crt := range a.rootX509Certs {
|
||||
sum := sha256.Sum256(crt.Raw)
|
||||
a.certificates.Store(hex.EncodeToString(sum[:]), crt)
|
||||
log.Printf("X.509 Root Fingerprint: %s", hex.EncodeToString(sum[:]))
|
||||
}
|
||||
|
||||
a.rootX509CertPool = x509.NewCertPool()
|
||||
|
|
@ -540,13 +547,6 @@ func (a *Authority) init() error {
|
|||
a.templates.Data["Step"] = tmplVars
|
||||
}
|
||||
|
||||
if tmplVars.SSH.HostKey != nil {
|
||||
log.Printf("SSH Host CA Key: %s\n", ssh.MarshalAuthorizedKey(tmplVars.SSH.HostKey))
|
||||
}
|
||||
if tmplVars.SSH.UserKey != nil {
|
||||
log.Printf("SSH User CA Key: %s\n", ssh.MarshalAuthorizedKey(tmplVars.SSH.UserKey))
|
||||
}
|
||||
|
||||
// JWT numeric dates are seconds.
|
||||
a.startTime = time.Now().Truncate(time.Second)
|
||||
// Set flag indicating that initialization has been completed, and should
|
||||
|
|
@ -567,6 +567,16 @@ func (a *Authority) GetAdminDatabase() admin.DB {
|
|||
return a.adminDB
|
||||
}
|
||||
|
||||
func (a *Authority) GetAuthorityInfo() *AuthorityInfo {
|
||||
return &AuthorityInfo{
|
||||
StartTime: a.startTime,
|
||||
RootX509Certs: a.rootX509Certs,
|
||||
SSHCAUserCerts: a.sshCAUserCerts,
|
||||
SSHCAHostCerts: a.sshCAHostCerts,
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
// IsAdminAPIEnabled returns a boolean indicating whether the Admin API has
|
||||
// been enabled.
|
||||
func (a *Authority) IsAdminAPIEnabled() bool {
|
||||
|
|
|
|||
14
ca/ca.go
14
ca/ca.go
|
|
@ -3,6 +3,8 @@ package ca
|
|||
import (
|
||||
"crypto/tls"
|
||||
"crypto/x509"
|
||||
"crypto/sha256"
|
||||
"encoding/hex"
|
||||
"fmt"
|
||||
"log"
|
||||
"net/http"
|
||||
|
|
@ -297,6 +299,18 @@ func (ca *CA) Run() error {
|
|||
errs := make(chan error, 1)
|
||||
|
||||
if !ca.opts.quiet {
|
||||
authorityInfo := ca.auth.GetAuthorityInfo()
|
||||
log.Printf("Address: %s", ca.config.Address)
|
||||
for _, crt := range authorityInfo.RootX509Certs {
|
||||
sum := sha256.Sum256(crt.Raw)
|
||||
log.Printf("X.509 Root Fingerprint: %s", hex.EncodeToString(sum[:]))
|
||||
}
|
||||
if ca.config.SSH != nil {
|
||||
log.Printf("SSH Host CA Key: %s\n", ca.config.SSH.HostKey)
|
||||
}
|
||||
if ca.config.SSH != nil {
|
||||
log.Printf("SSH User CA Key: %s\n", ca.config.SSH.UserKey)
|
||||
}
|
||||
log.Printf("Documentation: https://u.step.sm/docs/ca")
|
||||
log.Printf("Community Discord: https://u.step.sm/discord")
|
||||
log.Printf("Config File: %s", ca.opts.configFile)
|
||||
|
|
|
|||
Loading…
Reference in a new issue