wire SkipValidation further into SCEP provisioner

Author: mishaslavin

authority/authority.go

@@ -707,8 +707,9 @@ func (a *Authority) init() error {
 	case a.requiresSCEP() && a.GetSCEP() == nil:
 		if a.scepOptions == nil {
 			options := &scep.Options{
-				Roots:         a.rootX509Certs,
-				Intermediates: a.intermediateX509Certs,
+				Roots:          a.rootX509Certs,
+				Intermediates:  a.intermediateX509Certs,
+				SkipValidation: a.config.SkipValidation,
 			}
 
 			// intermediate certificates can be empty in RA mode

scep/options.go

@@ -26,6 +26,9 @@ type Options struct {
 	// are used to be able to load the provisioners when the SCEP authority is being
 	// validated.
 	SCEPProvisionerNames []string
+	// SkipValidation is used to skip the validation of the options, when implementing custom
+	// integrations
+	SkipValidation       bool
 }
 
 type comparablePublicKey interface {
@@ -34,6 +37,9 @@ type comparablePublicKey interface {
 
 // Validate checks the fields in Options.
 func (o *Options) Validate() error {
+	if o.SkipValidation {
+		return nil
+	}
 	switch {
 	case len(o.Intermediates) == 0:
 		return errors.New("no intermediate certificate available for SCEP authority")