From 439a62a8538bca21d08d3135c5a833e601bfec8b Mon Sep 17 00:00:00 2001
From: Kim Alvefur <zash@zash.se>
Date: Fri, 5 Feb 2016 15:03:39 +0100
Subject: certmanager: Apply global ssl config later so certificate/key is not
 overwritten by magic

---
 core/certmanager.lua | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'core/certmanager.lua')

diff --git a/core/certmanager.lua b/core/certmanager.lua
index b1ff648d..f6715998 100644
--- a/core/certmanager.lua
+++ b/core/certmanager.lua
@@ -120,7 +120,6 @@ end
 local function create_context(host, mode, ...)
 	local cfg = new_config();
 	cfg:apply(core_defaults);
-	cfg:apply(global_ssl_config);
 	local service_name, port = host:match("^(%w+) port (%d+)$");
 	if service_name then
 		cfg:apply(find_service_cert(service_name, tonumber(port)));
@@ -132,6 +131,7 @@ local function create_context(host, mode, ...)
 		-- We can't read the password interactively when daemonized
 		password = function() log("error", "Encrypted certificate for %s requires 'ssl' 'password' to be set in config", host); end;
 	});
+	cfg:apply(global_ssl_config);
 
 	for i = select('#', ...), 1, -1 do
 		cfg:apply(select(i, ...));
-- 
cgit v1.2.3