diff --git a/authority/authority.go b/authority/authority.go
index cc26635e..516c8130 100644
--- a/authority/authority.go
+++ b/authority/authority.go
@@ -294,8 +294,6 @@ func (a *Authority) init() error {
 return err
 }
 a.rootX509Certs = append(a.rootX509Certs, resp.RootCertificate)
- sum := sha256.Sum256(resp.RootCertificate.Raw)
- log.Printf("Using root fingerprint '%s'", hex.EncodeToString(sum[:]))
 }
 }
@@ -313,6 +311,7 @@ func (a *Authority) init() error {
 for _, crt := range a.rootX509Certs {
 sum := sha256.Sum256(crt.Raw)
 a.certificates.Store(hex.EncodeToString(sum[:]), crt)
+ log.Printf("X.509 Root Fingerprint: %s", hex.EncodeToString(sum[:]))
 }
 a.rootX509CertPool = x509.NewCertPool()
@@ -541,6 +540,13 @@ func (a *Authority) init() error {
 a.templates.Data["Step"] = tmplVars
 }
+ if tmplVars.SSH.HostKey != nil {
+ log.Printf("SSH Host CA Key: %s\n", ssh.MarshalAuthorizedKey(tmplVars.SSH.HostKey))
+ }
+ if tmplVars.SSH.HostKey != nil {
+ log.Printf("SSH User CA Key: %s\n", ssh.MarshalAuthorizedKey(tmplVars.SSH.UserKey))
+ }
+
 // JWT numeric dates are seconds.
 a.startTime = time.Now().Truncate(time.Second)
 // Set flag indicating that initialization has been completed, and should
diff --git a/ca/ca.go b/ca/ca.go
index c95ba22f..3be03e34 100644
--- a/ca/ca.go
+++ b/ca/ca.go
@@ -288,6 +288,9 @@ func (ca *CA) Run() error {
 var wg sync.WaitGroup
 errs := make(chan error, 1)
+ log.Printf("Documentation: https://u.step.sm/docs/ca")
+ log.Printf("Config File: %s", ca.opts.configFile)
+
 if ca.insecureSrv != nil {
 wg.Add(1)
 go func() {
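Review bot: In the `for _, crt := range a.rootX509Certs` loop of authority/authority.go (hunk `@@ -313`), the added `log.Printf` evaluates `hex.EncodeToString(sum[:])` a second time, right after the same expression is used as the `a.certificates.Store` key. Computing it once, `fp := hex.EncodeToString(sum[:])`, and passing `fp` to both calls makes it obvious that the stored key and the logged fingerprint are the same value. That is worth the extra line because the logged fingerprint is presumably what operators copy when pinning this root on clients. The loop sits inside init(), whose body starts and ends outside the hunk.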
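Review bot: The second added guard in the `@@ -541` hunk of authority/authority.go tests `tmplVars.SSH.HostKey` again, while the line it protects marshals `tmplVars.SSH.UserKey`; the condition should be `if tmplVars.SSH.UserKey != nil {`. As written, a configuration with a host key but no user key passes a nil key to `ssh.MarshalAuthorizedKey`, which would likely panic during init(), and a configuration with only a user key never logs it, so the startup output an operator relies on to configure SSH trust is incomplete. The trailing `\n` in both format strings is also redundant: `log.Printf` terminates the line itself and, assuming `ssh` is golang.org/x/crypto/ssh, the marshalled key already ends in a newline. init() starts and ends outside the hunk, so how `tmplVars.SSH` is populated is not visible here.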
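Review bot: `log.Printf("Config File: %s", ca.opts.configFile)` in Run() of ca/ca.go prints an empty value whenever the CA was built without a config file path, which seems possible if `configFile` is only set through an option. Guarding the call with `if ca.opts.configFile != "" {` avoids a misleading startup line. The first added call has no format verbs, so `log.Print("Documentation: https://u.step.sm/docs/ca")` is the plainer form. Run() continues past the end of the hunk.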