From 21c63605beb22c7dc526433115a1b909843887ee Mon Sep 17 00:00:00 2001
From: "alina.dmitrieva"
Date: Wed, 31 Jul 2024 21:18:13 +0300
Subject: [PATCH] FEATURE Added ability to get Ecdsa Root CA content
---
 wfe2/wfe.go | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
diff --git a/wfe2/wfe.go b/wfe2/wfe.go
index f0d24090cef..c878ab16103 100644
--- a/wfe2/wfe.go
+++ b/wfe2/wfe.go
@@ -57,6 +57,7 @@ const (
 newAcctPath = "/acme/new-acct"
 acctPath = "/acme/acct/"
 caRootPath = "/ca-root"
+ caEcdsaRootPath = "/ca-ecdsa-root"
 // When we moved to authzv2, we used a "-v3" suffix to avoid confusion
 // regarding ACMEv2.
 authzPath = "/acme/authz-v3/"
@@ -436,6 +437,7 @@ func (wfe *WebFrontEndImpl) Handler(stats prometheus.Registerer, oTelHTTPOptions
 wfe.HandleFunc(m, directoryPath, wfe.Directory, "GET", "POST")
 wfe.HandleFunc(m, newNoncePath, wfe.Nonce, "GET", "POST")
 wfe.HandleFunc(m, caRootPath, wfe.CARoot, "GET")
+ wfe.HandleFunc(m, caEcdsaRootPath, wfe.CAEcdsaRoot, "GET")
 // POST-as-GETable ACME endpoints
 // TODO(@cpu): After November 1st, 2020 support for "GET" to the following
 // endpoints will be removed, leaving only POST-as-GET support.
@@ -528,6 +530,24 @@ func (wfe *WebFrontEndImpl) CARoot(
 response.Write(caRoot)
 }
+// CAEcdsaRoot returns ecdsa Root CA content
+func (wfe *WebFrontEndImpl) CAEcdsaRoot(
+ ctx context.Context,
+ logEvent *web.RequestEvent,
+ response http.ResponseWriter,
+ request *http.Request) {
+ filePath := "test/certs/webpki/root-ecdsa.cert.pem"
+ caEcdsaRoot, err := ioutil.ReadFile(filePath)
+
+ if err != nil {
+ prob := probs.ServerInternal(fmt.Sprintf("could not get ecdsa root ca: %v", err))
+ wfe.sendError(response, logEvent, prob, nil)
+ return
+ }
+
+ response.Write(caEcdsaRoot)
+}
+
 // Directory is an HTTP request handler that provides the directory
 // object stored in the WFE's DirectoryEndpoints member with paths prefixed
 // using the `request.Host` of the HTTP request.
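Review bot: In the third hunk, CAEcdsaRoot reads a hard-coded, working-directory-relative fixture under `test/` (`filePath := "test/certs/webpki/root-ecdsa.cert.pem"`) on every request, so what the endpoint serves as the ECDSA root depends on where the process was started and on a test file being present. A certificate that clients may install as a trust anchor should come from a configured path and be loaded and validated once at startup rather than per GET. The error branch formats `err` into the problem detail, which would presumably return the OS error text, including the file path, to the caller. Keep the detail generic and hand the error to the last argument instead, `prob := probs.ServerInternal("could not get ecdsa root ca")` and `wfe.sendError(response, logEvent, prob, err)`, assuming that parameter is the internal error that is only logged. The handler also sets no `Content-Type` header and ignores the result of `response.Write`.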