luxolus
/
open-consul
2
0
Fork 0
Code Issues 1 Pull Requests Packages Releases Wiki Activity

connect: generate intermediate at same time as root (#6272) 

Generate intermediate at same time as root
Co-Authored-By: Freddy <freddygv@users.noreply.github.com>
This commit is contained in:
Todd Radel 2019-08-02 15:36:03 -04:00 committed by GitHub
parent 871ebb9dc2
commit 295abd82c3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
agent/consul/leader_connect.go
View File

@ -209,12 +209,21 @@ func (s *Server) initializeRootCA(provider ca.Provider, conf *structs.CAConfigur
if err != nil {
return fmt.Errorf("error getting root cert: %v", err)
}
rootCA, err := parseCARoot(rootPEM, conf.Provider, conf.ClusterID)
if err != nil {
return err
}
// Also create the intermediate CA, which is the one that actually signs leaf certs
interPEM, err := provider.GenerateIntermediate()
if err != nil {
return fmt.Errorf("error generating intermediate cert: %v", err)
}
_, err = connect.ParseCert(interPEM)
if err != nil {
return fmt.Errorf("error getting intermediate cert: %v", err)
}
commonConfig, err := conf.GetCommonConfig()
if err != nil {
return err