forked from TrueCloudLab/certificates
Update pki with changes in smallstep/cli
This commit is contained in:
parent
d0e5976c06
commit
8b8faf1b2d
1 changed files with 12 additions and 3 deletions
15
pki/pki.go
15
pki/pki.go
|
@ -403,6 +403,13 @@ func (p *PKI) GenerateConfig(opt ...Option) (*authority.Config, error) {
|
||||||
return nil, errors.Wrap(err, "error serializing private key")
|
return nil, errors.Wrap(err, "error serializing private key")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
prov := &provisioner.JWK{
|
||||||
|
Name: p.provisioner,
|
||||||
|
Type: "JWK",
|
||||||
|
Key: p.ottPublicKey,
|
||||||
|
EncryptedKey: key,
|
||||||
|
}
|
||||||
|
|
||||||
config := &authority.Config{
|
config := &authority.Config{
|
||||||
Root: []string{p.root},
|
Root: []string{p.root},
|
||||||
FederatedRoots: []string{},
|
FederatedRoots: []string{},
|
||||||
|
@ -417,9 +424,7 @@ func (p *PKI) GenerateConfig(opt ...Option) (*authority.Config, error) {
|
||||||
},
|
},
|
||||||
AuthorityConfig: &authority.AuthConfig{
|
AuthorityConfig: &authority.AuthConfig{
|
||||||
DisableIssuedAtCheck: false,
|
DisableIssuedAtCheck: false,
|
||||||
Provisioners: provisioner.List{
|
Provisioners: provisioner.List{prov},
|
||||||
&provisioner.JWK{Name: p.provisioner, Type: "jwk", Key: p.ottPublicKey, EncryptedKey: key},
|
|
||||||
},
|
|
||||||
},
|
},
|
||||||
TLS: &tlsutil.TLSOptions{
|
TLS: &tlsutil.TLSOptions{
|
||||||
MinVersion: x509util.DefaultTLSMinVersion,
|
MinVersion: x509util.DefaultTLSMinVersion,
|
||||||
|
@ -429,10 +434,14 @@ func (p *PKI) GenerateConfig(opt ...Option) (*authority.Config, error) {
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
if p.enableSSH {
|
if p.enableSSH {
|
||||||
|
enableSSHCA := true
|
||||||
config.SSH = &authority.SSHConfig{
|
config.SSH = &authority.SSHConfig{
|
||||||
HostKey: p.sshHostKey,
|
HostKey: p.sshHostKey,
|
||||||
UserKey: p.sshUserKey,
|
UserKey: p.sshUserKey,
|
||||||
}
|
}
|
||||||
|
prov.Claims = &provisioner.Claims{
|
||||||
|
EnableSSHCA: &enableSSHCA,
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Apply configuration modifiers
|
// Apply configuration modifiers
|
||||||
|
|
Loading…
Reference in a new issue