Update docs to reflect ability to load cold CA certs to output full chains. (#3740)
This commit is contained in:
parent
19b4062801
commit
39dd122663
|
@ -102,8 +102,8 @@ func ParsePKIJSON(input []byte) (*ParsedCertBundle, error) {
|
|||
|
||||
// ParsePEMBundle takes a string of concatenated PEM-format certificate
|
||||
// and private key values and decodes/parses them, checking validity along
|
||||
// the way. There must be at max two certificates (a certificate and its
|
||||
// issuing certificate) and one private key.
|
||||
// the way. The first certificate must be the subject certificate and issuing
|
||||
// certificates may follow. There must be at most one private key.
|
||||
func ParsePEMBundle(pemBundle string) (*ParsedCertBundle, error) {
|
||||
if len(pemBundle) == 0 {
|
||||
return nil, errutil.UserError{"empty pem bundle"}
|
||||
|
|
|
@ -175,9 +175,14 @@ $ curl \
|
|||
## Submit CA Information
|
||||
|
||||
This endpoint allows submitting the CA information for the backend via a PEM
|
||||
file containing the CA certificate and its private key, concatenated. Not needed
|
||||
if you are generating a self-signed root certificate, and not used if you have a
|
||||
signed intermediate CA certificate with a generated key (use the
|
||||
file containing the CA certificate and its private key, concatenated.
|
||||
|
||||
May optionally append additional CA certificates. Useful when creating an
|
||||
intermediate CA to ensure a full chain is returned when signing or generating
|
||||
certificates.
|
||||
|
||||
Not needed if you are generating a self-signed root certificate, and not used
|
||||
if you have a signed intermediate CA certificate with a generated key (use the
|
||||
`/pki/intermediate/set-signed` endpoint for that). _If you have already set a
|
||||
certificate and key, they will be overridden._
|
||||
|
||||
|
|
Loading…
Reference in a new issue