From 33fdea8f261c306a47b07a6df2c3cb8fe2ad2d5d Mon Sep 17 00:00:00 2001
From: Jonathan Garcia <116393282+joga84@users.noreply.github.com>
Date: Tue, 8 Nov 2022 20:13:46 +0100
Subject: [PATCH] caddypki: Prefer user-configured root instead of generating
 new one (#5189)

Instead of generating a new root certificate at the default location,
load the certificate from the configuration.
fixes: #5181
---
 modules/caddypki/ca.go | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/modules/caddypki/ca.go b/modules/caddypki/ca.go
index 41e78a6ba..acf8d14d6 100644
--- a/modules/caddypki/ca.go
+++ b/modules/caddypki/ca.go
@@ -240,6 +240,9 @@ func (ca *CA) NewAuthority(authorityConfig AuthorityConfig) (*authority.Authorit
 }
 
 func (ca CA) loadOrGenRoot() (rootCert *x509.Certificate, rootKey any, err error) {
+	if ca.Root != nil {
+		return ca.Root.Load()
+	}
 	rootCertPEM, err := ca.storage.Load(ca.ctx, ca.storageKeyRootCert())
 	if err != nil {
 		if !errors.Is(err, fs.ErrNotExist) {
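Review bot: The new early return at the top of `loadOrGenRoot` forwards the result of `ca.Root.Load()` without checking that a private key actually came back. `Load` is defined outside this hunk; if it can return a nil key when only a certificate is configured, callers that sign with the root would get a nil `rootKey` together with a nil error. Either reject that case here, for example `if err == nil && rootKey == nil { err = errors.New("configured root has no private key") }` after assigning the results, or have the signing caller check it, depending on whether cert-only roots are a supported configuration. A comment such as `// A user-configured root takes precedence: storage is not consulted and no root is generated.` would also help, since the function name no longer describes this path. The function body continues past the end of the hunk.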