Changing to SkipSCEPValidation & addressing code

review comments

Author: mishaslavin

authority/authority.go

@@ -709,7 +709,7 @@ func (a *Authority) init() error {
 			options := &scep.Options{
 				Roots:          a.rootX509Certs,
 				Intermediates:  a.intermediateX509Certs,
-				SkipValidation: a.config.SkipValidation,
+				SkipValidation: a.config.SkipSCEPValidation,
 			}
 
 			// intermediate certificates can be empty in RA mode

authority/config/config.go

@@ -85,6 +85,7 @@ type Config struct {
 	CRL              *CRLConfig           `json:"crl,omitempty"`
 	MetricsAddress   string               `json:"metricsAddress,omitempty"`
 	SkipValidation   bool                 `json:"-"`
+	SkipSCEPValidation bool               `json:"-"`
 
 	// Keeps record of the filename the Config is read from
 	loadedFromFilepath string

scep/options.go

@@ -26,8 +26,7 @@ type Options struct {
 	// are used to be able to load the provisioners when the SCEP authority is being
 	// validated.
 	SCEPProvisionerNames []string
-	// SkipValidation is used to skip the validation of the options, when implementing custom
-	// integrations
+	// SkipValidation is used to skip the validation of the SCEP options.
 	SkipValidation       bool
 }
 
@@ -37,12 +36,10 @@ type comparablePublicKey interface {
 
 // Validate checks the fields in Options.
 func (o *Options) Validate() error {
-	if o.SkipValidation {
-		return nil
-	}
 	switch {
+	case o.SkipValidation:
+	        return nil
 	case len(o.Intermediates) == 0:
-		return errors.New("no intermediate certificate available for SCEP authority")
 	case o.SignerCert == nil:
 		return errors.New("no signer certificate available for SCEP authority")
 	}