54 lines
1.1 KiB
Go
54 lines
1.1 KiB
Go
package hsm
|
|
|
|
import (
|
|
"context"
|
|
"log"
|
|
)
|
|
|
|
func EnsureCAKeysAndCertificates(ctx context.Context) error {
|
|
var label string
|
|
|
|
conf := GetSignerConfig(ctx)
|
|
|
|
for _, label := range conf.RootCAs() {
|
|
crt, err := GetRootCACertificate(ctx, label)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
if IsVerbose(ctx) {
|
|
log.Printf(
|
|
"found root CA certificate %s:\n Subject %s\n Issuer %s\n Valid from %s until %s\n Serial %s",
|
|
label,
|
|
crt.Subject,
|
|
crt.Issuer,
|
|
crt.NotBefore,
|
|
crt.NotAfter,
|
|
crt.SerialNumber)
|
|
} else {
|
|
log.Printf("found root CA certificate %s: %s", label, crt.Subject.CommonName)
|
|
}
|
|
}
|
|
|
|
for _, label = range conf.IntermediaryCAs() {
|
|
crt, err := GetIntermediaryCACertificate(ctx, label)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
if IsVerbose(ctx) {
|
|
log.Printf(
|
|
"found intermediary CA certificate %s:\n Subject %s\n Issuer %s\n Valid from %s until %s\n Serial %s",
|
|
label,
|
|
crt.Subject,
|
|
crt.Issuer,
|
|
crt.NotBefore,
|
|
crt.NotAfter,
|
|
crt.SerialNumber)
|
|
} else {
|
|
log.Printf("found intermediary CA certificate %s: %s", label, crt.Subject.CommonName)
|
|
}
|
|
}
|
|
|
|
return nil
|
|
}
|