From cb0a2ffe81725c4457a999af5c03b91493629df5 Mon Sep 17 00:00:00 2001
From: Kim Alvefur <zash@zash.se>
Date: Fri, 7 Jul 2017 20:42:35 +0200
Subject: prosody, prosodyctl: Set up TLS settings for HTTPS requests in
 net.http (part of fix for #659)

---
 prosody | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'prosody')

diff --git a/prosody b/prosody
index 0a48eba4..7d9e76b8 100755
--- a/prosody
+++ b/prosody
@@ -323,7 +323,11 @@ function load_secondary_libraries()
 		return function() end
 	end});
 
-	require "net.http"
+	local http = require "net.http"
+	local config_ssl = config.get("*", "ssl")
+	local https_client = config.get("*", "client_https_ssl")
+	http.default.options.sslctx = require "core.certmanager".create_context("client_https port 0", "client",
+		{ capath = config_ssl.capath, cafile = config_ssl.cafile, verify = "peer", }, https_client);
 
 	require "util.array"
 	require "util.datetime"
-- 
cgit v1.2.3