|
|
- From 2504f02de752aceb5a3c1d4749032147efde8082 Mon Sep 17 00:00:00 2001
- From: dwmw2 <dwmw2@infradead.org>
- Date: Fri, 3 Feb 2017 07:40:35 +0000
- Subject: [PATCH] Add -sslkey option to allow separate cert/key files (#1195)
-
- ---
- main/domoticz.cpp | 11 +++++++++++
- webserver/server_settings.hpp | 2 +-
- 2 files changed, 12 insertions(+), 1 deletion(-)
-
- --- a/main/domoticz.cpp
- +++ b/main/domoticz.cpp
- @@ -76,6 +76,7 @@ const char *szHelp=
- #ifdef WWW_ENABLE_SSL
- "\t-sslwww port (for example -sslwww 443, or -sslwww 0 to disable https)\n"
- "\t-sslcert file_path (for example /opt/domoticz/server_cert.pem)\n"
- + "\t-sslkey file_path (if different from certificate file)\n"
- "\t-sslpass passphrase (to access to server private key in certificate)\n"
- "\t-sslmethod method (for SSL method)\n"
- "\t-ssloptions options (for SSL options, default is 'default_workarounds,no_sslv2,single_dh_use')\n"
- @@ -682,6 +683,16 @@ int main(int argc, char**argv)
- return 1;
- }
- secure_webserver_settings.cert_file_path = cmdLine.GetSafeArgument("-sslcert", 0, "");
- + secure_webserver_settings.private_key_file_path = secure_webserver_settings.cert_file_path;
- + }
- + if (cmdLine.HasSwitch("-sslkey"))
- + {
- + if (cmdLine.GetArgumentCount("-sslkey") != 1)
- + {
- + _log.Log(LOG_ERROR, "Please specify a file path for your server SSL key file");
- + return 1;
- + }
- + secure_webserver_settings.private_key_file_path = cmdLine.GetSafeArgument("-sslkey", 0, "");
- }
- if (cmdLine.HasSwitch("-sslpass"))
- {
- --- a/webserver/server_settings.hpp
- +++ b/webserver/server_settings.hpp
- @@ -227,7 +227,7 @@ public:
- // use certificate file for all usage by default
- certificate_chain_file_path = ssl_settings.cert_file_path;
- ca_cert_file_path = ssl_settings.cert_file_path;
- - private_key_file_path = ssl_settings.cert_file_path;
- + private_key_file_path = ssl_settings.private_key_file_path;
- tmp_dh_file_path = ssl_settings.cert_file_path;
- verify_file_path = ssl_settings.cert_file_path;
- }
|
