certmanager: Apply global ssl config later so certificate/key is not overwritten...

author Kim Alvefur <zash@zash.se>

Fri, 5 Feb 2016 14:03:39 +0000 (15:03 +0100)

committer Kim Alvefur <zash@zash.se>

Fri, 5 Feb 2016 14:03:39 +0000 (15:03 +0100)
author Kim Alvefur <zash@zash.se>
Fri, 5 Feb 2016 14:03:39 +0000 (15:03 +0100)
committer Kim Alvefur <zash@zash.se>
Fri, 5 Feb 2016 14:03:39 +0000 (15:03 +0100)
diff --git a/core/certmanager.lua b/core/certmanager.lua

index b1ff648dab7f91c6f8f31c3e47653a180d6143ba..f671599823720afd65d38374726be3a2aa3eb0ec 100644 (file)
--- a/core/certmanager.lua
+++ b/core/certmanager.lua
@@ -120,7 +120,6 @@ end
  local function create_context(host, mode, ...)
         local cfg = new_config();
         cfg:apply(core_defaults);
-       cfg:apply(global_ssl_config);
         local service_name, port = host:match("^(%w+) port (%d+)$");
         if service_name then
                 cfg:apply(find_service_cert(service_name, tonumber(port)));
@@ -132,6 +131,7 @@ local function create_context(host, mode, ...)
                 -- We can't read the password interactively when daemonized
                 password = function() log("error", "Encrypted certificate for %s requires 'ssl' 'password' to be set in config", host); end;
         });
+       cfg:apply(global_ssl_config);
  
         for i = select('#', ...), 1, -1 do
                 cfg:apply(select(i, ...));
author	Kim Alvefur <zash@zash.se>
	Fri, 5 Feb 2016 14:03:39 +0000 (15:03 +0100)
committer	Kim Alvefur <zash@zash.se>
	Fri, 5 Feb 2016 14:03:39 +0000 (15:03 +0100)