hub / github.com/caddyserver/caddy / LoadCertificates

Method LoadCertificates

modules/caddytls/folderloader.go:63–104  ·  view source on GitHub ↗

LoadCertificates loads all the certificates+keys in the directories listed in fl from all files ending with .pem. This method of loading certificates expects the certificate and key to be bundled into the same file.


Source from the content-addressed store, hash-verified

61// certificates expects the certificate and key to be bundled into the
62// same file.
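func (fl FolderLoader) LoadCertificates() ([]Certificate, error) {
	// Security-relevant behavior of this loader:
	//   - Each folder is opened with os.OpenRoot and every bundle is read
	//     through that root, so a name or symlink that resolves outside the
	//     folder makes the read fail instead of being followed.
	//   - The enumeration is done by path name on dir; filepath.WalkDir does
	//     not descend into symlinked directories. Only the read itself is
	//     confined by the root handle.
	//   - Any error aborts the whole load and returns no certificates, so an
	//     unreadable or malformed .pem file is reported rather than skipped.
	//   - Every bundle holds a private key next to its certificate; the
	//     folders should be writable and readable only by the account that
	//     runs the server.
	var certs []Certificate
	for _, dir := range fl {
		root, err := os.OpenRoot(dir)
		if err != nil {
			return nil, fmt.Errorf("unable to open root directory %s: %w", dir, err)
		}
		err = filepath.WalkDir(dir, func(fpath string, d fs.DirEntry, err error) error {
			if err != nil {
				// Keep the cause (permission denied, I/O error, ...) in the
				// chain; without it the operator cannot tell why the walk
				// stopped and errors.Is/errors.As cannot match it.
				return fmt.Errorf("unable to traverse into path %s: %w", fpath, err)
			}
			if d.IsDir() {
				return nil
			}
			// The extension match is case-insensitive: "x.PEM" is loaded too.
			if !strings.HasSuffix(strings.ToLower(d.Name()), ".pem") {
				return nil
			}

			// os.Root methods take names relative to the root, so convert
			// the walked path before reading.
			rel, err := filepath.Rel(dir, fpath)
			if err != nil {
				return fmt.Errorf("unable to get relative path for %s: %w", fpath, err)
			}

			// Reading through root (not os.ReadFile) is what enforces the
			// directory confinement described above.
			bundle, err := root.ReadFile(rel)
			if err != nil {
				return err
			}
			cert, err := tlsCertFromCertAndKeyPEMBundle(bundle)
			if err != nil {
				return fmt.Errorf("%s: %w", fpath, err)
			}

			certs = append(certs, Certificate{Certificate: cert})
			return nil
		})
		// The root was only used for reads, so a Close error carries nothing
		// the caller could act on; close before the error check so the
		// handle is released on both paths.
		_ = root.Close()
		if err != nil {
			return nil, fmt.Errorf("walking certificates directory %s: %w", dir, err)
		}
	}
	return certs, nil
}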
105
106func tlsCertFromCertAndKeyPEMBundle(bundle []byte) (tls.Certificate, error) {
107 certBuilder, keyBuilder := new(bytes.Buffer), new(bytes.Buffer)

Callers

nothing calls this directly

Calls 4

ReadFileMethod · 0.80
NameMethod · 0.45
CloseMethod · 0.45

Tested by

no test coverage detected