From a9359522e60904277773e7fbe5d76a09fc85c1c7 Mon Sep 17 00:00:00 2001 From: Herman Slatman Date: Tue, 25 Oct 2022 11:47:54 +0200 Subject: [PATCH] Add provisioner and super admin subject output to `ca init` When initializing a CA with `--remote-management`, it wasn't made clear that the default JWK provisioner is used when authenticating for administration purposes and that a default `step` user is created to login with. This commit adds some additional information to the CLI output on completion of `ca init`. --- pki/pki.go | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/pki/pki.go b/pki/pki.go index cee3f06ab..d6c15c9e0 100644 --- a/pki/pki.go +++ b/pki/pki.go @@ -1013,6 +1013,18 @@ func (p *PKI) Save(opt ...ConfigOption) error { ui.PrintSelected("Default profile configuration", p.profileDefaults) } ui.PrintSelected("Certificate Authority configuration", p.config) + if cfg.AuthorityConfig.EnableAdmin && p.options.deploymentType != LinkedDeployment { + // TODO(hs): we may want to get this information from the DB, because that's + // where the admin and provisioner are stored in this case. Requires some + // refactoring. + superAdminSubject := "step" + if p.options.superAdminSubject != "" { + superAdminSubject = p.options.superAdminSubject + } + ui.PrintSelected("Admin provisioner", fmt.Sprintf("%s (JWK)", p.options.provisioner)) + ui.PrintSelected("Super admin subject", superAdminSubject) + } + if p.options.deploymentType != LinkedDeployment { ui.Println() if p.casOptions.Is(apiv1.SoftCAS) {