diff options
author | Kim Alvefur <zash@zash.se> | 2021-05-27 09:22:07 +0200 |
---|---|---|
committer | Kim Alvefur <zash@zash.se> | 2021-05-27 09:22:07 +0200 |
commit | 8df4b320f4989fc7b0e0b54a2536a9009a2e7879 (patch) | |
tree | 909f155e3eae8e79c2dc5b85daad28b03c518193 | |
parent | 01c869407dce484716ba1f0d9e359383c63fce6b (diff) | |
download | prosody-8df4b320f4989fc7b0e0b54a2536a9009a2e7879.tar.gz prosody-8df4b320f4989fc7b0e0b54a2536a9009a2e7879.zip |
core.certmanager: Skip service certificate lookup for https client
Quick Fix\u{2122} to stop prevent certmanager from automatically adding
a client certificate for net.http.request, since this normally does not
require such.
-rw-r--r-- | core/certmanager.lua | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/core/certmanager.lua b/core/certmanager.lua index 4d2649b0..753eb4d5 100644 --- a/core/certmanager.lua +++ b/core/certmanager.lua @@ -264,7 +264,8 @@ local function create_context(host, mode, ...) local cfg = new_config(); cfg:apply(core_defaults); local service_name, port = host:match("^(%S+) port (%d+)$"); - if service_name then + -- port 0 is used with client-only things that normally don't need certificates, e.g. https + if service_name and port ~= "0" then log("debug", "Automatically locating certs for service %s on port %s", service_name, port); cfg:apply(find_service_cert(service_name, tonumber(port))); else |