core.certmanager: Lower severity for tls config not having cert

This is needed for SNI where certificates are in separate per-hostname contexts, not the main one. If there is a cert, it will still require a corresponding key.
author: Kim Alvefur <zash@zash.se> 2019-09-07 00:00:40 +0200
committer: Kim Alvefur <zash@zash.se> 2019-09-07 00:00:40 +0200
commit: 5bba716be9cf3b7e345164023dc89b84e7542ea1 (patch)
tree: a5db0cd02384ce4b3b866a2ef6a5e6dab2149064 /core
parent: 92b963270a4e399096f66ac9353a99574915d2e7 (diff)
download: prosody-5bba716be9cf3b7e345164023dc89b84e7542ea1.tar.gz
prosody-5bba716be9cf3b7e345164023dc89b84e7542ea1.zip
1 files changed, 4 insertions, 2 deletions
diff --git a/core/certmanager.lua b/core/certmanager.lua
index 64528c34..b20a0cdb 100644
--- a/core/certmanager.lua
+++ b/core/certmanager.lua
@@ -169,8 +169,10 @@ local function create_context(host, mode, ...)
 	local user_ssl_config = cfg:final();
 
 	if mode == "server" then
-		if not user_ssl_config.certificate then return nil, "No certificate present in SSL/TLS configuration for "..host; end
-		if not user_ssl_config.key then return nil, "No key present in SSL/TLS configuration for "..host; end
+		if not user_ssl_config.certificate then
+			log("info", "No certificate present in SSL/TLS configuration for %s. SNI will be required.", host);
+		end
+		if user_ssl_config.certificate and not user_ssl_config.key then return nil, "No key present in SSL/TLS configuration for "..host; end
 	end
 
 	for option in pairs(path_options) do
author	Kim Alvefur <zash@zash.se>	2019-09-07 00:00:40 +0200
committer	Kim Alvefur <zash@zash.se>	2019-09-07 00:00:40 +0200
commit	5bba716be9cf3b7e345164023dc89b84e7542ea1 (patch)
tree	a5db0cd02384ce4b3b866a2ef6a5e6dab2149064 /core
parent	92b963270a4e399096f66ac9353a99574915d2e7 (diff)
download	prosody-5bba716be9cf3b7e345164023dc89b84e7542ea1.tar.gz prosody-5bba716be9cf3b7e345164023dc89b84e7542ea1.zip