From a3f46bb9d92fb615718cc117af561d75270f966a Mon Sep 17 00:00:00 2001
From: Francis Lavoie <lavofr@gmail.com>
Date: Mon, 25 Apr 2022 23:18:52 -0400
Subject: [PATCH] caddypki: Fix `caddy trust` command to use the correct API
 endpoint

---
 modules/caddypki/command.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/modules/caddypki/command.go b/modules/caddypki/command.go
index 9b64c61368e..c26c19ad908 100644
--- a/modules/caddypki/command.go
+++ b/modules/caddypki/command.go
@@ -133,7 +133,7 @@ func cmdTrust(fl caddycmd.Flags) (int, error) {
 	ca := CA{
 		log:          caddy.Log(),
 		root:         rootCert,
-		rootCertPath: adminAddr + path.Join(adminPKIEndpointBase, caID, "certificates"),
+		rootCertPath: adminAddr + path.Join(adminPKIEndpointBase, "ca", caID),
 	}
 
 	// Install the cert!
@@ -207,7 +207,7 @@ func cmdUntrust(fl caddycmd.Flags) (int, error) {
 
 // rootCertFromAdmin makes the API request to fetch the root certificate for the named CA via admin API.
 func rootCertFromAdmin(adminAddr string, caID string) (*x509.Certificate, error) {
-	uri := path.Join(adminPKIEndpointBase, caID, "certificates")
+	uri := path.Join(adminPKIEndpointBase, "ca", caID)
 
 	// Make the request to fetch the CA info
 	resp, err := caddycmd.AdminAPIRequest(adminAddr, http.MethodGet, uri, make(http.Header), nil)