mirror of
https://git.haproxy.org/git/haproxy.git/
synced 2026-02-26 19:52:06 +01:00
MINOR: ssl: checks the consistency of a private key with the corresponding certificate
This commit is contained in:
parent
a7aa309c44
commit
61694ab373
@ -391,6 +391,13 @@ static int ssl_sock_load_cert_file(const char *path, struct bind_conf *bind_conf
|
||||
SSL_CTX_free(ctx);
|
||||
return 1;
|
||||
}
|
||||
|
||||
if (SSL_CTX_check_private_key(ctx) <= 0) {
|
||||
memprintf(err, "%sinconsistencies between private key and certificate loaded from PEM file '%s'.\n",
|
||||
err && *err ? *err : "", path);
|
||||
return 1;
|
||||
}
|
||||
|
||||
/* we must not free the SSL_CTX anymore below, since it's already in
|
||||
* the tree, so it will be discovered and cleaned in time.
|
||||
*/
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user