# HG changeset patch # User Matthew Wild # Date 1266077541 0 # Node ID e8fc67b7382037f0b26ed8b096f6861b216df930 # Parent ce5b5d7f87c3eafbd5e3a5751e328df766036b67 certmanager: Bring back the friendly errors when failing to load the key/certificate file diff -r ce5b5d7f87c3 -r e8fc67b73820 core/certmanager.lua --- a/core/certmanager.lua Sat Feb 13 15:34:33 2010 +0000 +++ b/core/certmanager.lua Sat Feb 13 16:12:21 2010 +0000 @@ -1,4 +1,5 @@ local configmanager = require "core.configmanager"; +local log = require "util.logger".init("certmanager"); local ssl = ssl; local ssl_newcontext = ssl and ssl.newcontext; @@ -21,7 +22,33 @@ function get_context(host, mode, config) local ssl_config = config and config.core.ssl or default_ssl_config; if ssl and ssl_config then - return ssl_newcontext(setmetatable(ssl_config, mode == "client" and default_ssl_ctx_mt or default_ssl_ctx_in_mt)); + local ctx, err = ssl_newcontext(setmetatable(ssl_config, mode == "client" and default_ssl_ctx_mt or default_ssl_ctx_in_mt)); + if not ctx then + err = err or "invalid ssl config" + local file = err:match("^error loading (.-) %("); + if file then + if file == "private key" then + file = ssl_config.key or "your private key"; + elseif file == "certificate" then + file = ssl_config.certificate or "your certificate file"; + end + local reason = err:match("%((.+)%)$") or "some reason"; + if reason == "Permission denied" then + reason = "Check that the permissions allow Prosody to read this file."; + elseif reason == "No such file or directory" then + reason = "Check that the path is correct, and the file exists."; + elseif reason == "system lib" then + reason = "Previous error (see logs), or other system error."; + else + reason = "Reason: "..tostring(reason or "unknown"):lower(); + end + log("error", "SSL/TLS: Failed to load %s: %s", file, reason); + else + log("error", "SSL/TLS: Error initialising for host %s: %s", host, err ); + end + ssl = false + end + return ctx, err; end return nil; end