MCPcopy
hub / github.com/caddyserver/caddy / cmdTrust

Function cmdTrust

modules/caddypki/command.go:102–144  ·  view source on GitHub ↗
(fl caddycmd.Flags)

Source from the content-addressed store, hash-verified

100}
101
102func cmdTrust(fl caddycmd.Flags) (int, error) {
103 caID := fl.String("ca")
104 addrFlag := fl.String("address")
105 configFlag := fl.String("config")
106 configAdapterFlag := fl.String("adapter")
107
108 // Prepare the URI to the admin endpoint
109 if caID == "" {
110 caID = DefaultCAID
111 }
112
113 // Determine where we're sending the request to get the CA info
114 adminAddr, err := caddycmd.DetermineAdminAPIAddress(addrFlag, nil, configFlag, configAdapterFlag)
115 if err != nil {
116 return caddy.ExitCodeFailedStartup, fmt.Errorf("couldn't determine admin API address: %v", err)
117 }
118
119 // Fetch the root cert from the admin API
120 rootCert, err := rootCertFromAdmin(adminAddr, caID)
121 if err != nil {
122 return caddy.ExitCodeFailedStartup, err
123 }
124
125 // Set up the CA struct; we only need to fill in the root
126 // because we're only using it to make use of the installRoot()
127 // function. Also needs a logger for warnings, and a "cert path"
128 // for the root cert; since we're loading from the API and we
129 // don't know the actual storage path via this flow, we'll just
130 // pass through the admin API address instead.
131 ca := CA{
132 log: caddy.Log(),
133 root: rootCert,
134 rootCertPath: adminAddr + path.Join(adminPKIEndpointBase, "ca", caID),
135 }
136
137 // Install the cert!
138 err = ca.installRoot()
139 if err != nil {
140 return caddy.ExitCodeFailedStartup, err
141 }
142
143 return caddy.ExitCodeSuccess, nil
144}
145
146func cmdUntrust(fl caddycmd.Flags) (int, error) {
147 certFile := fl.String("cert")

Callers

nothing calls this directly

Calls 3

installRootMethod · 0.95
rootCertFromAdminFunction · 0.85
StringMethod · 0.45

Tested by

no test coverage detected