prosodyctl: check certs: Use certmanager to get the final ssl config in order to...
authorKim Alvefur <zash@zash.se>
Sun, 28 Feb 2016 17:22:23 +0000 (18:22 +0100)
committerKim Alvefur <zash@zash.se>
Sun, 28 Feb 2016 17:22:23 +0000 (18:22 +0100)
prosodyctl

index 95e091de2151c520f52684f33d333441d5f89ad4..2972aa5365a9fc3f0d0bd0ddf044851166c8c469 100755 (executable)
@@ -1197,6 +1197,7 @@ function commands.check(arg)
                local cert_ok;
                print"Checking certificates..."
                local x509_verify_identity = require"util.x509".verify_identity;
+               local create_context = require "core.certmanager".create_context;
                local ssl = dependencies.softreq"ssl";
                -- local datetime_parse = require"util.datetime".parse_x509;
                local load_cert = ssl and ssl.loadcertificate;
@@ -1211,13 +1212,12 @@ function commands.check(arg)
                        for host in enabled_hosts() do
                                print("Checking certificate for "..host);
                                -- First, let's find out what certificate this host uses.
-                               local ssl_config = config.rawget(host, "ssl");
-                               if not ssl_config then
-                                       local base_host = host:match("%.(.*)");
-                                       ssl_config = config.get(base_host, "ssl");
-                               end
-                               if not ssl_config then
-                                       print("  No 'ssl' option defined for "..host)
+                               local host_ssl_config = config.rawget(host, "ssl")
+                                       or config.rawget(host:match("%.(.*)"), "ssl");
+                               local global_ssl_config = config.rawget("*", "ssl");
+                               local ok, err, ssl_config = create_context(host, "server", host_ssl_config, global_ssl_config);
+                               if not ok then
+                                       print("  Error: "..err);
                                        cert_ok = false
                                elseif not ssl_config.certificate then
                                        print("  No 'certificate' set in ssl option for "..host)
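Review bot: On the new failure branch, `print("  Error: "..err);` concatenates whatever `create_context` returned as its second value, so a nil or non-string error would raise inside the certificate check instead of being reported and setting `cert_ok = false`; `print("  Error: "..tostring(err));` keeps that path safe. The parent-domain lookup also passes `host:match("%.(.*)")` straight to `config.rawget`, and that match is nil for a host name without a dot. `config.rawget` presumably tolerates a nil host, but a comment such as `-- parent domain may be nil for single-label hosts` would make the intent explicit. Since `create_context` presumably builds the real TLS context rather than only merging options, a comment above the call should say that the check can now fail on unreadable key or certificate files, for example when prosodyctl runs as a different user than the server. The if/elseif chain and the enclosing `for` loop continue past the end of this hunk.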