Clarify comments by code review

This commit is contained in:
Mariano Cano 2022-09-22 11:05:06 -07:00
parent 15dc7901e5
commit 23045e1812
2 changed files with 6 additions and 5 deletions

View file

@ -378,7 +378,8 @@ func (a *Authority) init() error {
return err
}
// If not defined with an option, add intermediates to the the list
// of used for constraints purposes.
// of certificates used for name constraints validation at issuance
// time.
if len(a.intermediateX509Certs) == 0 {
a.intermediateX509Certs = append(a.intermediateX509Certs, options.CertificateChain...)
}

View file

@ -240,16 +240,16 @@ func WithX509FederatedCerts(certs ...*x509.Certificate) Option {
}
}
// WithX509RootCerts is an option that allows to define the list of intermediate
// certificates that the CA will be using. This option will replace any
// intermediate certificate defined before.
// WithX509IntermediateCerts is an option that allows to define the list of
// intermediate certificates that the CA will be using. This option will replace
// any intermediate certificate defined before.
//
// Note that these certificates will not be bundled with the certificates signed
// by the CA, the CAS service will take care of that, although they should
// match, this is not guaranteed. These certificates will be mainly used for
// constraint purposes.
//
// This option should only used on specific configurations, for example when
// This option should only be used on specific configurations, for example when
// WithX509SignerFunc is used, as we don't know the list of intermediates on
// advance.
func WithX509IntermediateCerts(intermediateCerts ...*x509.Certificate) Option {