diff options
author | Florian Apolloner <[email protected]> | 2024-05-07 05:38:26 +0200 |
---|---|---|
committer | GitHub <[email protected]> | 2024-05-07 03:38:26 +0000 |
commit | c97292b255c144dfa9f1ea1dfcdec3b82717110d (patch) | |
tree | 0e68c5c848742ff8b26cab8206e2bf79137f3aa2 | |
parent | b52271061d2524d2e5ca46946e9288f664da51c5 (diff) | |
download | caddy-c97292b255c144dfa9f1ea1dfcdec3b82717110d.tar.gz caddy-c97292b255c144dfa9f1ea1dfcdec3b82717110d.zip |
caddypki: Allow use of root CA without a key. Fixes #6290 (#6298)
* Allow usage of root CA without a key. Fixes #6290
* Update modules/caddypki/crypto.go
---------
Co-authored-by: Matt Holt <[email protected]>
-rw-r--r-- | modules/caddypki/crypto.go | 19 |
1 files changed, 11 insertions, 8 deletions
diff --git a/modules/caddypki/crypto.go b/modules/caddypki/crypto.go index 386ce6292..324a4fcfa 100644 --- a/modules/caddypki/crypto.go +++ b/modules/caddypki/crypto.go @@ -78,18 +78,21 @@ func (kp KeyPair) Load() (*x509.Certificate, crypto.Signer, error) { if err != nil { return nil, nil, err } - keyData, err := os.ReadFile(kp.PrivateKey) - if err != nil { - return nil, nil, err - } - cert, err := pemDecodeSingleCert(certData) if err != nil { return nil, nil, err } - key, err := certmagic.PEMDecodePrivateKey(keyData) - if err != nil { - return nil, nil, err + + var key crypto.Signer + if kp.PrivateKey != "" { + keyData, err := os.ReadFile(kp.PrivateKey) + if err != nil { + return nil, nil, err + } + key, err = certmagic.PEMDecodePrivateKey(keyData) + if err != nil { + return nil, nil, err + } } return cert, key, nil |