MCPcopy
hub / github.com/caddyserver/caddy / Provision

Method Provision

modules/caddypki/ca.go:99–183  ·  view source on GitHub ↗

Provision sets up the CA.

(ctx caddy.Context, id string, log *zap.Logger)

Source from the content-addressed store, hash-verified

97
98// Provision sets up the CA.
99func (ca *CA) Provision(ctx caddy.Context, id string, log *zap.Logger) error {
100 ca.mu = new(sync.RWMutex)
101 ca.log = log.Named("ca." + id)
102 ca.ctx = ctx
103
104 if id == "" {
105 return fmt.Errorf("CA ID is required (use 'local' for the default CA)")
106 }
107 ca.mu.Lock()
108 ca.ID = id
109 ca.mu.Unlock()
110
111 if ca.StorageRaw != nil {
112 val, err := ctx.LoadModule(ca, "StorageRaw")
113 if err != nil {
114 return fmt.Errorf("loading storage module: %v", err)
115 }
116 cmStorage, err := val.(caddy.StorageConverter).CertMagicStorage()
117 if err != nil {
118 return fmt.Errorf("creating storage configuration: %v", err)
119 }
120 ca.storage = cmStorage
121 }
122 if ca.storage == nil {
123 ca.storage = ctx.Storage()
124 }
125
126 if ca.Name == "" {
127 ca.Name = defaultCAName
128 }
129 if ca.RootCommonName == "" {
130 ca.RootCommonName = defaultRootCommonName
131 }
132 if ca.IntermediateCommonName == "" {
133 ca.IntermediateCommonName = defaultIntermediateCommonName
134 }
135 if ca.IntermediateLifetime == 0 {
136 ca.IntermediateLifetime = caddy.Duration(defaultIntermediateLifetime)
137 }
138 if ca.MaintenanceInterval == 0 {
139 ca.MaintenanceInterval = caddy.Duration(defaultMaintenanceInterval)
140 }
141 if ca.RenewalWindowRatio <= 0 || ca.RenewalWindowRatio > 1 {
142 ca.RenewalWindowRatio = defaultRenewalWindowRatio
143 }
144
145 // load the certs and key that will be used for signing
146 var rootCert *x509.Certificate
147 var rootCertChain, interCertChain []*x509.Certificate
148 var rootKey, interKey crypto.Signer
149 var err error
150 if ca.Root != nil {
151 if ca.Root.Format == "" || ca.Root.Format == "pem_file" {
152 ca.rootCertPath = ca.Root.Certificate
153 }
154 rootCertChain, rootKey, err = ca.Root.Load()
155 rootCert = rootCertChain[0]
156 } else {

Callers 2

TestInternalIssuer_IssueFunction · 0.95

Calls 8

storageKeyRootCertMethod · 0.95
loadOrGenRootMethod · 0.95
loadOrGenIntermediateMethod · 0.95
LoadModuleMethod · 0.80
StorageMethod · 0.80
DurationMethod · 0.80
LoadMethod · 0.80
CertMagicStorageMethod · 0.65

Tested by 1

TestInternalIssuer_IssueFunction · 0.76