(fl caddycmd.Flags)
| 100 | } |
| 101 | |
| 102 | func cmdTrust(fl caddycmd.Flags) (int, error) { |
| 103 | caID := fl.String("ca") |
| 104 | addrFlag := fl.String("address") |
| 105 | configFlag := fl.String("config") |
| 106 | configAdapterFlag := fl.String("adapter") |
| 107 | |
| 108 | // Prepare the URI to the admin endpoint |
| 109 | if caID == "" { |
| 110 | caID = DefaultCAID |
| 111 | } |
| 112 | |
| 113 | // Determine where we're sending the request to get the CA info |
| 114 | adminAddr, err := caddycmd.DetermineAdminAPIAddress(addrFlag, nil, configFlag, configAdapterFlag) |
| 115 | if err != nil { |
| 116 | return caddy.ExitCodeFailedStartup, fmt.Errorf("couldn't determine admin API address: %v", err) |
| 117 | } |
| 118 | |
| 119 | // Fetch the root cert from the admin API |
| 120 | rootCert, err := rootCertFromAdmin(adminAddr, caID) |
| 121 | if err != nil { |
| 122 | return caddy.ExitCodeFailedStartup, err |
| 123 | } |
| 124 | |
| 125 | // Set up the CA struct; we only need to fill in the root |
| 126 | // because we're only using it to make use of the installRoot() |
| 127 | // function. Also needs a logger for warnings, and a "cert path" |
| 128 | // for the root cert; since we're loading from the API and we |
| 129 | // don't know the actual storage path via this flow, we'll just |
| 130 | // pass through the admin API address instead. |
| 131 | ca := CA{ |
| 132 | log: caddy.Log(), |
| 133 | root: rootCert, |
| 134 | rootCertPath: adminAddr + path.Join(adminPKIEndpointBase, "ca", caID), |
| 135 | } |
| 136 | |
| 137 | // Install the cert! |
| 138 | err = ca.installRoot() |
| 139 | if err != nil { |
| 140 | return caddy.ExitCodeFailedStartup, err |
| 141 | } |
| 142 | |
| 143 | return caddy.ExitCodeSuccess, nil |
| 144 | } |
| 145 | |
| 146 | func cmdUntrust(fl caddycmd.Flags) (int, error) { |
| 147 | certFile := fl.String("cert") |
nothing calls this directly
no test coverage detected