()
| 313 | } |
| 314 | |
| 315 | func (ca CA) genRoot() (rootCert *x509.Certificate, rootKey crypto.Signer, err error) { |
| 316 | repl := ca.newReplacer() |
| 317 | |
| 318 | rootCert, rootKey, err = generateRoot(repl.ReplaceAll(ca.RootCommonName, "")) |
| 319 | if err != nil { |
| 320 | return nil, nil, fmt.Errorf("generating CA root: %v", err) |
| 321 | } |
| 322 | rootCertPEM, err := pemEncodeCert(rootCert.Raw) |
| 323 | if err != nil { |
| 324 | return nil, nil, fmt.Errorf("encoding root certificate: %v", err) |
| 325 | } |
| 326 | err = ca.storage.Store(ca.ctx, ca.storageKeyRootCert(), rootCertPEM) |
| 327 | if err != nil { |
| 328 | return nil, nil, fmt.Errorf("saving root certificate: %v", err) |
| 329 | } |
| 330 | rootKeyPEM, err := certmagic.PEMEncodePrivateKey(rootKey) |
| 331 | if err != nil { |
| 332 | return nil, nil, fmt.Errorf("encoding root key: %v", err) |
| 333 | } |
| 334 | err = ca.storage.Store(ca.ctx, ca.storageKeyRootKey(), rootKeyPEM) |
| 335 | if err != nil { |
| 336 | return nil, nil, fmt.Errorf("saving root key: %v", err) |
| 337 | } |
| 338 | |
| 339 | return rootCert, rootKey, nil |
| 340 | } |
| 341 | |
| 342 | func (ca CA) loadOrGenIntermediate(rootCert *x509.Certificate, rootKey crypto.Signer) (interCertChain []*x509.Certificate, interKey crypto.Signer, err error) { |
| 343 | var interCert *x509.Certificate |
no test coverage detected