2022-04-16 20:24:32 +00:00
|
|
|
package hsm
|
|
|
|
|
|
|
|
|
|
import (
|
2022-04-19 14:48:32 +00:00
|
|
|
"context"
|
2022-04-16 20:24:32 +00:00
|
|
|
"log"
|
|
|
|
|
)
|
|
|
|
|
|
2022-04-19 14:48:32 +00:00
|
|
|
func EnsureCAKeysAndCertificates(ctx context.Context) error {
|
|
|
|
|
var label string
|
|
|
|
|
|
|
|
|
|
conf := GetSignerConfig(ctx)
|
2022-04-16 20:24:32 +00:00
|
|
|
|
2022-04-19 14:48:32 +00:00
|
|
|
for _, label := range conf.RootCAs() {
|
|
|
|
|
crt, err := GetRootCACertificate(ctx, label)
|
2022-04-16 20:24:32 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
log.Printf("got root CA certificate:\n Subject %s\n Issuer %s\n Valid from %s until %s\n Serial %s",
|
2022-04-19 14:48:32 +00:00
|
|
|
crt.Subject,
|
|
|
|
|
crt.Issuer,
|
|
|
|
|
crt.NotBefore,
|
|
|
|
|
crt.NotAfter,
|
|
|
|
|
crt.SerialNumber)
|
2022-04-16 20:24:32 +00:00
|
|
|
}
|
|
|
|
|
|
2022-04-19 14:48:32 +00:00
|
|
|
for _, label = range conf.IntermediaryCAs() {
|
|
|
|
|
crt, err := GetIntermediaryCACertificate(ctx, label)
|
2022-04-16 20:24:32 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2022-04-19 14:48:32 +00:00
|
|
|
|
|
|
|
|
log.Printf("got intermediary CA certificate:\n Subject %s\n Issuer %s\n Valid from %s until %s\n Serial %s",
|
|
|
|
|
crt.Subject,
|
|
|
|
|
crt.Issuer,
|
|
|
|
|
crt.NotBefore,
|
|
|
|
|
crt.NotAfter,
|
|
|
|
|
crt.SerialNumber)
|
2022-04-16 20:24:32 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
}
|
