From cef0475e71c2b331dd9c98189a959c4953c0f700 Mon Sep 17 00:00:00 2001
From: Mariano Cano <mariano@smallstep.com>
Date: Fri, 28 Aug 2020 14:33:26 -0700
Subject: [PATCH] Make clear what's a template/unsigned certificate.

---
 authority/tls.go | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/authority/tls.go b/authority/tls.go
index 30434c97..a5474d60 100644
--- a/authority/tls.go
+++ b/authority/tls.go
@@ -378,19 +378,19 @@ func (a *Authority) GetTLSCertificate() (*tls.Certificate, error) {
 		return fatal(err)
 	}
 
-	// Generate certificate directly from the certificate request.
-	certificate, err := x509util.NewCertificate(cr)
+	// Generate certificate template directly from the certificate request.
+	template, err := x509util.NewCertificate(cr)
 	if err != nil {
 		return fatal(err)
 	}
 
-	// Get certificate template, set validity and sign it.
+	// Get x509 certificate template, set validity and sign it.
 	now := time.Now()
-	template := certificate.GetCertificate()
-	template.NotBefore = now.Add(-1 * time.Minute)
-	template.NotAfter = now.Add(24 * time.Hour)
+	certTpl := template.GetCertificate()
+	certTpl.NotBefore = now.Add(-1 * time.Minute)
+	certTpl.NotAfter = now.Add(24 * time.Hour)
 
-	cert, err := x509util.CreateCertificate(template, a.x509Issuer, cr.PublicKey, a.x509Signer)
+	cert, err := x509util.CreateCertificate(certTpl, a.x509Issuer, cr.PublicKey, a.x509Signer)
 	if err != nil {
 		return fatal(err)
 	}