You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
48 lines
2.0 KiB
48 lines
2.0 KiB
From 2504f02de752aceb5a3c1d4749032147efde8082 Mon Sep 17 00:00:00 2001
|
|
From: dwmw2 <dwmw2@infradead.org>
|
|
Date: Fri, 3 Feb 2017 07:40:35 +0000
|
|
Subject: [PATCH] Add -sslkey option to allow separate cert/key files (#1195)
|
|
|
|
---
|
|
main/domoticz.cpp | 11 +++++++++++
|
|
webserver/server_settings.hpp | 2 +-
|
|
2 files changed, 12 insertions(+), 1 deletion(-)
|
|
|
|
--- a/main/domoticz.cpp
|
|
+++ b/main/domoticz.cpp
|
|
@@ -76,6 +76,7 @@ const char *szHelp=
|
|
#ifdef WWW_ENABLE_SSL
|
|
"\t-sslwww port (for example -sslwww 443, or -sslwww 0 to disable https)\n"
|
|
"\t-sslcert file_path (for example /opt/domoticz/server_cert.pem)\n"
|
|
+ "\t-sslkey file_path (if different from certificate file)\n"
|
|
"\t-sslpass passphrase (to access to server private key in certificate)\n"
|
|
"\t-sslmethod method (for SSL method)\n"
|
|
"\t-ssloptions options (for SSL options, default is 'default_workarounds,no_sslv2,single_dh_use')\n"
|
|
@@ -682,6 +683,16 @@ int main(int argc, char**argv)
|
|
return 1;
|
|
}
|
|
secure_webserver_settings.cert_file_path = cmdLine.GetSafeArgument("-sslcert", 0, "");
|
|
+ secure_webserver_settings.private_key_file_path = secure_webserver_settings.cert_file_path;
|
|
+ }
|
|
+ if (cmdLine.HasSwitch("-sslkey"))
|
|
+ {
|
|
+ if (cmdLine.GetArgumentCount("-sslkey") != 1)
|
|
+ {
|
|
+ _log.Log(LOG_ERROR, "Please specify a file path for your server SSL key file");
|
|
+ return 1;
|
|
+ }
|
|
+ secure_webserver_settings.private_key_file_path = cmdLine.GetSafeArgument("-sslkey", 0, "");
|
|
}
|
|
if (cmdLine.HasSwitch("-sslpass"))
|
|
{
|
|
--- a/webserver/server_settings.hpp
|
|
+++ b/webserver/server_settings.hpp
|
|
@@ -227,7 +227,7 @@ public:
|
|
// use certificate file for all usage by default
|
|
certificate_chain_file_path = ssl_settings.cert_file_path;
|
|
ca_cert_file_path = ssl_settings.cert_file_path;
|
|
- private_key_file_path = ssl_settings.cert_file_path;
|
|
+ private_key_file_path = ssl_settings.private_key_file_path;
|
|
tmp_dh_file_path = ssl_settings.cert_file_path;
|
|
verify_file_path = ssl_settings.cert_file_path;
|
|
}
|