You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When the "db" property is not set in ca.json, and you are using an ACME provisioner, the ACME provisioner does not work, and gives no indication of this to the user at startup. (The endpoints just 404).
Steps to Reproduce
# generate basic CA:
step ca init --context testing
# Enter options as follows:
# Standalone
# Testing
# localhost
# :1443
# admin
# admin
# make pw file to prevent interactivity
echo "admin" > admin.txt
# start CA in background, runs on port :1443
step-ca --context testing --password-file admin.txt &
# add the ACME provisioner
step ca provisioner add acme --type ACME --context testing
# DIVERGENCE POINT -- Skip this step to see normal behavior.
# Make "db" property go missing in ca.json, causing none to load
sed -i 's/db/db2/' .step/authorities/testing/config/ca.json
# restart server
pkill step-ca
step-ca --context testing --password-file admin.txt &
# request /acme/acme/directory URL
curl -k https://localhost:1443/acme/acme/directory
# returns 404 :(
# (or 200 if you skipped the divergent step)
Your Environment
OS - Debian "bookworm", kernel 6.1.0-28-amd
step-ca Version - Smallstep CA/0.28.1 (linux/amd64)
Expected Behavior
I expected step-ca to either:
fail to start, with an explicit error message that db is required for an ACME provisioner;
start with a warning, telling me the ACME provisioner is disabled as it requires a database.
Actual Behavior
step-ca starts normally, but there is no ACME functionality, despite not informing the user of this.
Additional Context
No response
Contributing
Vote on this issue by adding a 👍 reaction.
To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).
The text was updated successfully, but these errors were encountered:
TL;DR
When the "db" property is not set in
ca.json
, and you are using an ACME provisioner, the ACME provisioner does not work, and gives no indication of this to the user at startup. (The endpoints just 404).Steps to Reproduce
Your Environment
step-ca
Version -Smallstep CA/0.28.1 (linux/amd64)
Expected Behavior
I expected
step-ca
to either:db
is required for an ACME provisioner;Actual Behavior
step-ca
starts normally, but there is no ACME functionality, despite not informing the user of this.Additional Context
No response
Contributing
Vote on this issue by adding a 👍 reaction.
To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).
The text was updated successfully, but these errors were encountered: