loolwsd/LOOLWSD.cpp | 9 +++++++++ loolwsd/loolwsd.xml | 1 + 2 files changed, 10 insertions(+)
New commits: commit 31200eec6f753f6606d1510f1ba6c064639341a1 Author: Pranav Kant <pran...@collabora.com> Date: Fri Mar 25 08:12:37 2016 +0530 loolwsd: Add CA path during SSL initialize Change-Id: I09071b5fc0c32360524506c92f444ed8c6d8e0df diff --git a/loolwsd/LOOLWSD.cpp b/loolwsd/LOOLWSD.cpp index d299c38..caeb378 100644 --- a/loolwsd/LOOLWSD.cpp +++ b/loolwsd/LOOLWSD.cpp @@ -1067,12 +1067,21 @@ void LOOLWSD::initializeSSL() Log::info("SSL Key file: " + ssl_key_file_path); + auto ssl_ca_file_path = conf.getString("ssl.ca_file_path"); + if (conf.getBool("ssl.ca_file_path[@relative]")) + { + ssl_ca_file_path = Poco::Path(Application::instance().commandPath()).parent().append(ssl_ca_file_path).toString(); + } + + Log::info("SSL CA file: " + ssl_ca_file_path); + Poco::Crypto::initializeCrypto(); Poco::Net::initializeSSL(); Poco::Net::Context::Params sslParams; sslParams.certificateFile = ssl_cert_file_path; sslParams.privateKeyFile = ssl_key_file_path; + sslParams.caLocation = ssl_ca_file_path; // Don't ask clients for certificate sslParams.verificationMode = Poco::Net::Context::VERIFY_NONE; diff --git a/loolwsd/loolwsd.xml b/loolwsd/loolwsd.xml index 5945ba2..d058910 100644 --- a/loolwsd/loolwsd.xml +++ b/loolwsd/loolwsd.xml @@ -2,6 +2,7 @@ <ssl desc="SSL settings"> <cert_file_path desc="Path to the cert file" relative="false">/etc/loolwsd/cert.pem</cert_file_path> <key_file_path desc="Path to the key file" relative="false">/etc/loolwsd/key.pem</key_file_path> + <ca_file_path desc="Path to the ca file" relative="false">/etc/loolwsd/CollaboraCloudSuiteCA_ca-chain.cert.pem</ca_file_path> </ssl> <storage desc="Backend storage"> <filesystem allow="true"> _______________________________________________ Libreoffice-commits mailing list libreoffice-comm...@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits