MCPcopy
hub / github.com/caddyserver/caddy / certmagicConfig

Method certmagicConfig

admin.go:612–645  ·  view source on GitHub ↗
(logger *zap.Logger, makeCache bool)

Source from the content-addressed store, hash-verified

610}
611
612func (ident *IdentityConfig) certmagicConfig(logger *zap.Logger, makeCache bool) *certmagic.Config {
613 var cmCfg *certmagic.Config
614 if ident == nil {
615 // user might not have configured identity; that's OK, we can still make a
616 // certmagic config, although it'll be mostly useless for remote management
617 ident = new(IdentityConfig)
618 }
619 // Choose storage: prefer the package-level test override when present,
620 // otherwise use the configured DefaultStorage. Tests may set an override
621 // to divert storage into a temporary location. Otherwise, in production
622 // we use the DefaultStorage since we don't want to act as part of a
623 // cluster; this storage is for the server's local identity only.
624 var storage certmagic.Storage
625 if testCertMagicStorageOverride != nil {
626 storage = testCertMagicStorageOverride
627 } else {
628 storage = DefaultStorage
629 }
630 template := certmagic.Config{
631 Storage: storage,
632 Logger: logger,
633 Issuers: ident.issuers,
634 }
635 if makeCache {
636 identityCertCache = certmagic.NewCache(certmagic.CacheOptions{
637 GetConfigForCert: func(certmagic.Certificate) (*certmagic.Config, error) {
638 return cmCfg, nil
639 },
640 Logger: logger.Named("cache"),
641 })
642 }
643 cmCfg = certmagic.New(identityCertCache, template)
644 return cmCfg
645}
646
647// IdentityCredentials returns this instance's configured, managed identity credentials
648// that can be used in TLS client authentication.

Callers 3

manageIdentityFunction · 0.80
replaceRemoteAdminServerFunction · 0.80
IdentityCredentialsMethod · 0.80

Calls

no outgoing calls

Tested by

no test coverage detected