prosody
a36af4570b39

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

Changeset

10237:a36af4570b39

core.certmanager: Lower severity for tls config not having cert This is needed for SNI where certificates are in separate per-hostname contexts, not the main one. If there is a cert, it will still require a corresponding key.
author Kim Alvefur <zash@zash.se>
date Sat, 07 Sep 2019 00:00:40 +0200
parents 10235:6c804b6b2ca2
children 10238:9cfefd57da05
files core/certmanager.lua
diffstat 1 files changed, 4 insertions(+), 2 deletions(-) [+]
line wrap: on
line diff
--- a/core/certmanager.lua	Sun Sep 01 02:05:33 2019 +0200
+++ b/core/certmanager.lua	Sat Sep 07 00:00:40 2019 +0200
@@ -169,8 +169,10 @@
 	local user_ssl_config = cfg:final();
 
 	if mode == "server" then
-		if not user_ssl_config.certificate then return nil, "No certificate present in SSL/TLS configuration for "..host; end
-		if not user_ssl_config.key then return nil, "No key present in SSL/TLS configuration for "..host; end
+		if not user_ssl_config.certificate then
+			log("info", "No certificate present in SSL/TLS configuration for %s. SNI will be required.", host);
+		end
+		if user_ssl_config.certificate and not user_ssl_config.key then return nil, "No key present in SSL/TLS configuration for "..host; end
 	end
 
 	for option in pairs(path_options) do