alexvanin/certificates
1
0
Fork 0
forked from TrueCloudLab/certificates
Code Pull requests Activity

Clone the certificate in case we need to look at it later.

Browse source
This commit is contained in:
Mariano Cano 2021-08-25 16:15:12 -07:00
parent 568fce201a
commit 833d28cb6a
1 changed files with 6 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
api/sshRenew.go
View file

@ -1,6 +1,7 @@
package api package api
import ( import (
"crypto/x509"
"net/http" "net/http"
"time" "time"
@ -85,7 +86,11 @@ func (h *caHandler) renewIdentityCertificate(r *http.Request, notBefore, notAfte
return nil, nil return nil, nil
} }
cert := r.TLS.PeerCertificates[0] // Clone the certificate as we can modify it.
cert, err := x509.ParseCertificate(r.TLS.PeerCertificates[0].Raw)
if err != nil {
return nil, errors.Wrap(err, "error parsing client certificate")
}
// Enforce the cert to match another certificate, for example an ssh // Enforce the cert to match another certificate, for example an ssh
// certificate. // certificate.