You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by zw...@apache.org on 2022/12/09 21:00:45 UTC
[trafficserver] branch 9.2.x updated: Fail out when intermediate certificate chain fails to load (#9230)
This is an automated email from the ASF dual-hosted git repository.
zwoop pushed a commit to branch 9.2.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/9.2.x by this push:
new 81ac3e1fa Fail out when intermediate certificate chain fails to load (#9230)
81ac3e1fa is described below
commit 81ac3e1fa57190d1816f1cadefb67bad3c21aa28
Author: Serris Lew <se...@gmail.com>
AuthorDate: Fri Dec 9 10:19:03 2022 -0800
Fail out when intermediate certificate chain fails to load (#9230)
Co-authored-by: Serris Lew <ls...@apple.com>
(cherry picked from commit e1f2f5b8abf65448da5f93898695e5581456c921)
---
iocore/net/SSLUtils.cc | 2 ++
1 file changed, 2 insertions(+)
diff --git a/iocore/net/SSLUtils.cc b/iocore/net/SSLUtils.cc
index 9e60b2024..bb129cf43 100644
--- a/iocore/net/SSLUtils.cc
+++ b/iocore/net/SSLUtils.cc
@@ -2426,6 +2426,8 @@ SSLMultiCertConfigLoader::load_certs(SSL_CTX *ctx, const std::vector<std::string
// Load up any additional chain certificates
if (!SSL_CTX_add_extra_chain_cert_bio(ctx, bio.get())) {
Debug("ssl_load", "couldn't add chain to %p", ctx);
+ SSLError("failed to load intermediate certificate chain from %s", cert_names_list[i].c_str());
+ return false;
}
if (secret_key_data.empty()) {