Archives
/
smallstep-certificates
mirror of https://github.com/smallstep/certificates
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Switch logic for SCEP initialization around

Browse Source
pull/1553/head
Herman Slatman 8 months ago
parent f1da256ca4
commit 15c46ebbaa
No known key found for this signature in database
GPG Key ID: F4D8A44EA0A75A4F
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File

10
authority/authority.go
Unescape Escape View File

@ -678,7 +678,11 @@ func (a *Authority) init() error {
options.Roots = a.rootX509Certs
options.Intermediates = a.intermediateX509Certs
options.SignerCert = options.Intermediates[0]
if a.config.IntermediateKey != "" {
if a.scepSigner != nil {
options.Signer = a.scepSigner
options.Decrypter = a.scepDecrypter
options.DecrypterCert = a.scepCertificate
} else {
if options.Signer, err = a.keyManager.CreateSigner(&kmsapi.CreateSignerRequest{
SigningKey: a.config.IntermediateKey,
Password: a.password,
@ -705,10 +709,6 @@ func (a *Authority) init() error {
options.DecrypterCert = options.Intermediates[0]
}
}
} else {
options.Signer = a.scepSigner
options.Decrypter = a.scepDecrypter
options.DecrypterCert = a.scepCertificate
}
// provide the current SCEP provisioner names, so that the provisioners

Write Preview
Loading…
Cancel
Save