prosody
a36af4570b39
core/certmanager.lua
Software / code / prosody
Comparison
core/certmanager.lua @ 10237:a36af4570b39
core.certmanager: Lower severity for tls config not having cert
This is needed for SNI where certificates are in separate
per-hostname contexts, not the main one.
If there is a cert, it will still require a corresponding key.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sat, 07 Sep 2019 00:00:40 +0200 |
| parent | 10227:eeb711b92da5 |
| child | 10463:fbeb7a3fc4eb |
comparison
equal
deleted
inserted
replaced
| 10235:6c804b6b2ca2 | 10237:a36af4570b39 |
|---|---|
| 167 cfg:apply(select(i, ...)); | 167 cfg:apply(select(i, ...)); |
| 168 end | 168 end |
| 169 local user_ssl_config = cfg:final(); | 169 local user_ssl_config = cfg:final(); |
| 170 | 170 |
| 171 if mode == "server" then | 171 if mode == "server" then |
| 172 if not user_ssl_config.certificate then return nil, "No certificate present in SSL/TLS configuration for "..host; end | 172 if not user_ssl_config.certificate then |
| 173 if not user_ssl_config.key then return nil, "No key present in SSL/TLS configuration for "..host; end | 173 log("info", "No certificate present in SSL/TLS configuration for %s. SNI will be required.", host); |
| 174 end | |
| 175 if user_ssl_config.certificate and not user_ssl_config.key then return nil, "No key present in SSL/TLS configuration for "..host; end | |
| 174 end | 176 end |
| 175 | 177 |
| 176 for option in pairs(path_options) do | 178 for option in pairs(path_options) do |
| 177 if type(user_ssl_config[option]) == "string" then | 179 if type(user_ssl_config[option]) == "string" then |
| 178 user_ssl_config[option] = resolve_path(config_path, user_ssl_config[option]); | 180 user_ssl_config[option] = resolve_path(config_path, user_ssl_config[option]); |
