MCPcopy
hub / github.com/caddyserver/caddy / Provision

Method Provision

modules/caddytls/capools.go:317–345  ·  view source on GitHub ↗

Loads the PKI app and loads the intermediate certificates into the certificate pool

(ctx caddy.Context)

Source from the content-addressed store, hash-verified

315
316// Loads the PKI app and loads the intermediate certificates into the certificate pool
317func (p *PKIIntermediateCAPool) Provision(ctx caddy.Context) error {
318 pkiApp, err := ctx.AppIfConfigured("pki")
319 if err != nil {
320 return fmt.Errorf("pki_intermediate CA pool requires that a PKI app is configured: %v", err)
321 }
322 pki := pkiApp.(*caddypki.PKI)
323 for _, caID := range p.Authority {
324 c, err := pki.GetCA(ctx, caID)
325 if err != nil || c == nil {
326 return fmt.Errorf("getting CA %s: %v", caID, err)
327 }
328 p.ca = append(p.ca, c)
329 }
330
331 caPool := x509.NewCertPool()
332 var certs []*x509.Certificate
333 for _, ca := range p.ca {
334 for _, c := range ca.IntermediateCertificateChain() {
335 if c == nil {
336 return fmt.Errorf("CA %s has a nil certificate in its intermediate chain", ca.ID)
337 }
338 caPool.AddCert(c)
339 certs = append(certs, c)
340 }
341 }
342 p.pool = caPool
343 p.certs = certs
344 return nil
345}
346
347// Syntax:
348//

Callers

nothing calls this directly

Calls 3

AppIfConfiguredMethod · 0.80
GetCAMethod · 0.80

Tested by

no test coverage detected