Software /
code /
prosody-modules
Diff
mod_checkcerts/mod_checkcerts.lua @ 1880:a7c1f1b6ef05
mod_checkcerts: Improve error handling when loading certificate
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Tue, 29 Sep 2015 14:56:46 +0200 |
parent | 1879:18123e0f5d58 |
child | 2945:ec7f9c8f2a5f |
line wrap: on
line diff
--- a/mod_checkcerts/mod_checkcerts.lua Tue Sep 29 14:53:16 2015 +0200 +++ b/mod_checkcerts/mod_checkcerts.lua Tue Sep 29 14:56:46 2015 +0200 @@ -50,15 +50,18 @@ end local certfile = ssl_config.certificate; - local fh = io.open(certfile); -- Load the file. - cert = fh and fh:read"*a"; - fh = fh and fh:close(); - local cert = cert and load_cert(cert); -- And parse + local fh, ferr = io.open(certfile); -- Load the file. + if not fh then + log("warn", "Could not open certificate %s", ferr); + return; + end + local cert, lerr = load_cert(fh:read("*a")); -- And parse + fh:close(); + if not cert then + log("warn", "Could not parse certificate %s: %s", certfile, lerr or ""); + return; + end - if not cert then - module:log("warn", "No certificate configured for this host, please fix this and reload this module to check expiry"); - return - end local expires_at = parse_x509_datetime(cert:notafter()); local expires_in = os.difftime(expires_at, now); local fmt = "Certificate %s expires in %s"