Update pki with changes in smallstep/cli

2019-09-26 15:23:32 -07:00 · 2019-09-26 15:23:32 -07:00 · caaba4a80d
commit caaba4a80d
parent b9b0c2e2d6
1 changed files with 12 additions and 3 deletions
--- a/pki/pki.go
+++ b/pki/pki.go
@ -403,6 +403,13 @@ func (p *PKI) GenerateConfig(opt ...Option) (*authority.Config, error) {
 		return nil, errors.Wrap(err, "error serializing private key")
 	}

+	prov := &provisioner.JWK{
+		Name:         p.provisioner,
+		Type:         "JWK",
+		Key:          p.ottPublicKey,
+		EncryptedKey: key,
+	}
+
 	config := &authority.Config{
 		Root:             []string{p.root},
 		FederatedRoots:   []string{},
@ -417,9 +424,7 @@ func (p *PKI) GenerateConfig(opt ...Option) (*authority.Config, error) {
 		},
 		AuthorityConfig: &authority.AuthConfig{
 			DisableIssuedAtCheck: false,
-			Provisioners: provisioner.List{
-				&provisioner.JWK{Name: p.provisioner, Type: "jwk", Key: p.ottPublicKey, EncryptedKey: key},
-			},
+			Provisioners:         provisioner.List{prov},
 		},
 		TLS: &tlsutil.TLSOptions{
 			MinVersion:    x509util.DefaultTLSMinVersion,
@ -429,10 +434,14 @@ func (p *PKI) GenerateConfig(opt ...Option) (*authority.Config, error) {
 		},
 	}
 	if p.enableSSH {
+		enableSSHCA := true
 		config.SSH = &authority.SSHConfig{
 			HostKey: p.sshHostKey,
 			UserKey: p.sshUserKey,
 		}
+		prov.Claims = &provisioner.Claims{
+			EnableSSHCA: &enableSSHCA,
+		}
 	}

 	// Apply configuration modifiers