diff --git a/authority/authority.go b/authority/authority.go index 4af92f5e..1ea0936c 100644 --- a/authority/authority.go +++ b/authority/authority.go @@ -96,7 +96,11 @@ func (a *Authority) init() error { // Initialize key manager if it has not been set in the options. if a.keyManager == nil { - a.keyManager, err = kms.New(context.Background(), *a.config.KMS) + var options kmsapi.Options + if a.config.KMS != nil { + options = *a.config.KMS + } + a.keyManager, err = kms.New(context.Background(), options) if err != nil { return err } @@ -150,7 +154,7 @@ func (a *Authority) init() error { } signer, err := a.keyManager.CreateSigner(&kmsapi.CreateSignerRequest{ SigningKey: a.config.IntermediateKey, - Password: a.config.Password, + Password: []byte(a.config.Password), }) if err != nil { return err @@ -164,7 +168,7 @@ func (a *Authority) init() error { if a.config.SSH.HostKey != "" { signer, err := a.keyManager.CreateSigner(&kmsapi.CreateSignerRequest{ SigningKey: a.config.SSH.HostKey, - Password: a.config.Password, + Password: []byte(a.config.Password), }) if err != nil { return err @@ -180,7 +184,7 @@ func (a *Authority) init() error { if a.config.SSH.UserKey != "" { signer, err := a.keyManager.CreateSigner(&kmsapi.CreateSignerRequest{ SigningKey: a.config.SSH.UserKey, - Password: a.config.Password, + Password: []byte(a.config.Password), }) if err != nil { return err