- local handler, err = server.addserver(interface, port, listener, mode, ssl);
- if not handler then
- log("error", "Failed to open server port %d on %s, %s", port, interface, error_to_friendly_message(service_name, port, err));
- else
- log("debug", "Added listening service %s to [%s]:%d", service_name, interface, port);
- active_services:add(service_name, interface, port, {
- server = handler;
- service = service_info;
- });
+ local err;
+ -- Create SSL context for this service/port
+ if service_info.encryption == "ssl" then
+ local global_ssl_config = config.get("*", "ssl") or {};
+ local prefix_ssl_config = config.get("*", config_prefix.."ssl") or global_ssl_config;
+ ssl, err = certmanager.create_context(service_info.name.." port "..port, "server",
+ service_info.ssl_config or {},
+ prefix_ssl_config[interface],
+ prefix_ssl_config[port],
+ prefix_ssl_config,
+ global_ssl_config[interface],
+ global_ssl_config[port]);
+ if not ssl then
+ log("error", "Error binding encrypted port for %s: %s", service_info.name, error_to_friendly_message(service_name, port_number, err) or "unknown error");
+ end
+ end
+ if not err then
+ -- Start listening on interface+port
+ local handler, err = server.addserver(interface, port_number, listener, mode, ssl);
+ if not handler then
+ log("error", "Failed to open server port %d on %s, %s", port_number, interface, error_to_friendly_message(service_name, port_number, err));
+ else
+ table.insert(hooked_ports, "["..interface.."]:"..port_number);
+ log("debug", "Added listening service %s to [%s]:%d", service_name, interface, port_number);
+ active_services:add(service_name, interface, port_number, {
+ server = handler;
+ service = service_info;
+ });
+ end