prosody, prosodyctl: Set up TLS settings for HTTPS requests in net.http (part of fix for #659)

2 files changed, 12 insertions, 1 deletions

diff --git a/prosody b/prosody
index 0a48eba4..7d9e76b8 100755
--- a/prosody
+++ b/prosody
@@ -323,7 +323,11 @@ function load_secondary_libraries()
 		return function() end
 	end});
 
-	require "net.http"
+	local http = require "net.http"
+	local config_ssl = config.get("*", "ssl")
+	local https_client = config.get("*", "client_https_ssl")
+	http.default.options.sslctx = require "core.certmanager".create_context("client_https port 0", "client",
+		{ capath = config_ssl.capath, cafile = config_ssl.cafile, verify = "peer", }, https_client);
 
 	require "util.array"
 	require "util.datetime"
diff --git a/prosodyctl b/prosodyctl
index 800dddbf..cd58212e 100755
--- a/prosodyctl
+++ b/prosodyctl
@@ -251,6 +251,13 @@ local modulemanager = require "core.modulemanager"
 
 local prosodyctl = require "util.prosodyctl"
 local socket = require "socket"
+
+local http = require "net.http"
+local config_ssl = config.get("*", "ssl")
+local https_client = config.get("*", "client_https_ssl")
+http.default.options.sslctx = require "core.certmanager".create_context("client_https port 0", "client",
+	{ capath = config_ssl.capath, cafile = config_ssl.cafile, verify = "peer", }, https_client);
+
 -----------------------
 
 -- FIXME: Duplicate code waiting for util.startup