Add ca.WithInsecure and use methods for file names

ca/client.go

@@ -238,6 +238,17 @@ func WithTransport(tr http.RoundTripper) ClientOption {
 	}
 }
 
+// WithInsecure adds a insecure transport that bypasses TLS verification.
+func WithInsecure() ClientOption {
+	return func(o *clientOptions) error {
+		o.transport = &http.Transport{
+			Proxy:           http.ProxyFromEnvironment,
+			TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
+		}
+		return nil
+	}
+}
+
 // WithRootFile will create the transport using the given root certificate. It
 // will fail if a previous option to create the transport has been configured.
 func WithRootFile(filename string) ClientOption {

ca/identity/identity.go

@@ -72,11 +72,11 @@ func LoadDefaultIdentity() (*Identity, error) {
 }
 
 func profileConfigDir() string {
-	return filepath.Join(step.ProfilePath(), "config")
+	return filepath.Join(step.Path(), "config")
 }
 
 func profileIdentityDir() string {
-	return filepath.Join(step.ProfilePath(), "identity")
+	return filepath.Join(step.Path(), "identity")
 }
 
 // WriteDefaultIdentity writes the given certificates and key and the

pki/pki.go

@@ -376,15 +376,12 @@ func New(o apiv1.Options, opts ...Option) (*PKI, error) {
 	}
 
 	// Create profile directory and stub for default profile configuration.
-	if currentCtx := step.GetCurrentContext(); currentCtx != nil {
+	if currentCtx := step.Contexts().GetCurrent(); currentCtx != nil {
 		profile := GetProfileConfigPath()
 		if err := os.MkdirAll(profile, 0700); err != nil {
 			return nil, errs.FileError(err, profile)
 		}
-		if p.profileDefaults, err = getPath(profile, "defaults.json"); err != nil {
-			return nil, err
-		}
-		if err := ioutil.WriteFile(p.profileDefaults,
+		if err := ioutil.WriteFile(step.ProfileDefaultsFile(),
 			[]byte("{}"), 0600); err != nil {
 			return nil, err
 		}