mbiryukova/certificates
1
0
Fork 0
forked from TrueCloudLab/certificates
Code Pull requests Activity

Add provisioner and super admin subject output to ca init

Browse source 
When initializing a CA with `--remote-management`, it wasn't made
clear that the default JWK provisioner is used when authenticating
for administration purposes and that a default `step` user is
created to login with. This commit adds some additional information
to the CLI output on completion of `ca init`.
This commit is contained in:
Herman Slatman 2022-10-25 11:47:54 +02:00
parent e90fe4bfa0
commit a9359522e6
No known key found for this signature in database
GPG key ID: F4D8A44EA0A75A4F
1 changed files with 12 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
pki/pki.go
View file

@ -1013,6 +1013,18 @@ func (p *PKI) Save(opt ...ConfigOption) error {
ui.PrintSelected("Default profile configuration", p.profileDefaults)
}
ui.PrintSelected("Certificate Authority configuration", p.config)
if cfg.AuthorityConfig.EnableAdmin && p.options.deploymentType != LinkedDeployment {
// TODO(hs): we may want to get this information from the DB, because that's
// where the admin and provisioner are stored in this case. Requires some
// refactoring.
superAdminSubject := "step"
if p.options.superAdminSubject != "" {
superAdminSubject = p.options.superAdminSubject
}
ui.PrintSelected("Admin provisioner", fmt.Sprintf("%s (JWK)", p.options.provisioner))
ui.PrintSelected("Super admin subject", superAdminSubject)
}
if p.options.deploymentType != LinkedDeployment {
ui.Println()
if p.casOptions.Is(apiv1.SoftCAS) {