alexvanin/certificates
1
0
Fork 0
forked from TrueCloudLab/certificates
Code Pull requests Activity

Add processing of RequireEAB through Linked CA

Browse source
This commit is contained in:
Herman Slatman 2021-08-07 01:33:08 +02:00
parent 7dad7038c3
commit 71b3f65df1
No known key found for this signature in database
GPG key ID: F4D8A44EA0A75A4F
2 changed files with 11 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
authority/provisioners.go
View file

@ -514,6 +514,7 @@ func ProvisionerToCertificates(p *linkedca.Provisioner) (provisioner.Interface,
Type: p.Type.String(), Type: p.Type.String(),
Name: p.Name, Name: p.Name,
ForceCN: cfg.ForceCn, ForceCN: cfg.ForceCn,
RequireEAB: cfg.RequireEab,
Claims: claims, Claims: claims,
Options: options, Options: options,
}, nil }, nil

4
docs/provisioners.md
View file

@ -346,6 +346,7 @@ Below is an example of an ACME provisioner in the `ca.json`:
"type": "ACME", "type": "ACME",
"name": "my-acme-provisioner", "name": "my-acme-provisioner",
"forceCN": true, "forceCN": true,
"requireEAB": false,
"claims": { "claims": {
"maxTLSCertDuration": "8h", "maxTLSCertDuration": "8h",
"defaultTLSCertDuration": "2h", "defaultTLSCertDuration": "2h",
@ -361,6 +362,9 @@ Below is an example of an ACME provisioner in the `ca.json`:
* `forceCN` (optional): force one of the SANs to become the Common Name, if a * `forceCN` (optional): force one of the SANs to become the Common Name, if a
common name is not provided. common name is not provided.
* `requireEAB` (optional): require clients to provide External Account Binding
credentials when creating an ACME Account.
* `claims` (optional): overwrites the default claims set in the authority, see * `claims` (optional): overwrites the default claims set in the authority, see
the [top](#provisioners) section for all the options. the [top](#provisioners) section for all the options.