RepoMirrors/haproxy
1
0
Fork 0
mirror of http://git.haproxy.org/git/haproxy.git/ synced 2025-02-12 16:37:20 +00:00
Code Issues Packages Projects Releases Wiki Activity

MINOR: ssl: add the SSL error string when failing to load a certificate

Browse Source 
Add the SSL error string when failing to load a certificate in
ssl_sock_load_pem_into_ckch(). It's difficult to know what happen when no
descriptive errror are emitted.

Example:
[ALERT]    (1264006) : config : parsing [ssl_default_server.cfg:51] : 'bind /tmp/ssl.sock' in section 'listen' : unable to load certificate chain from file 'reg-tests/ssl//common.pem': ASN no PEM Header Error
This commit is contained in:
William Lallemand 2022-10-25 12:31:39 +02:00
parent d08a25b1f1
commit f784b90eae
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/ssl_ckch.c
View File

@ -633,8 +633,8 @@ int ssl_sock_load_pem_into_ckch(const char *path, char *buf, struct cert_key_and
ret = ERR_get_error();
if (ret && (ERR_GET_LIB(ret) != ERR_LIB_PEM && ERR_GET_REASON(ret) != PEM_R_NO_START_LINE)) {
memprintf(err, "%sunable to load certificate chain from file '%s'.\n",
err && *err ? *err : "", path);
memprintf(err, "%sunable to load certificate chain from file '%s': %s\n",
err && *err ? *err : "", path, ERR_reason_error_string(ret));
goto end;
}