out_error "server.lua: wrong server sslctx"\r
ssl = false\r
end\r
- sslctx, err = ssl_newcontext( sslctx )\r
- if not sslctx then\r
+ local ctx;\r
+ ctx, err = ssl_newcontext( sslctx )\r
+ if not ctx then\r
err = err or "wrong sslctx parameters"\r
- out_error( "server.lua: ", err )\r
+ local file;\r
+ file = err:match("^error loading (.-) %(");\r
+ if file then\r
+ if file == "private key" then\r
+ file = sslctx.key or "your private key";\r
+ elseif file == "certificate" then\r
+ file = sslctx.certificate or "your certificate file";\r
+ end\r
+ local reason = err:match("%((.+)%)$") or "some reason";\r
+ if reason == "Permission denied" then\r
+ reason = "Check that the permissions allow Prosody to read this file.";\r
+ elseif reason == "No such file or directory" then\r
+ reason = "Check that the path is correct, and the file exists.";\r
+ elseif reason == "system lib" then\r
+ reason = "Previous error (see logs), or other system error.";\r
+ else\r
+ reason = "Reason: "..tostring(reason or "unknown"):lower();\r
+ end\r
+ log("error", "SSL/TLS: Failed to load %s: %s", file, reason);\r
+ else\r
+ log("error", "SSL/TLS: Error initialising for port %d: %s", serverport, err );\r
+ end\r
ssl = false\r
end\r
+ sslctx = ctx;\r
end\r
if not ssl then\r
sslctx = false;\r
if startssl then\r
- out_error( "server.lua: Cannot start ssl on port: ", serverport )\r
+ log("error", "Failed to listen on port %d due to SSL/TLS to SSL/TLS initialisation errors (see logs)", serverport )\r
return nil, "Cannot start ssl, see log for details"\r
- else\r
- out_put("server.lua: ", "ssl not enabled on ", serverport);\r
end\r
end\r
\r