note about ocspIssuer if not found and not in config file
This commit is contained in:
parent
ffecadab2a
commit
47eca42840
|
@ -123,6 +123,10 @@ static int ocsp_check(char *client_cert)
|
|||
if (X509_STORE_CTX_get1_issuer(&issuer, &store_ctx, cert) != 1) {
|
||||
fprintf(stderr,
|
||||
"get1_issuer from cert failed; using config file\n");
|
||||
if (get_config_string("//idpc:ocspIssuer") == NULL) {
|
||||
fprintf(stderr, "no ocspIssuer set\n");
|
||||
return -1;
|
||||
}
|
||||
fcert = fopen(get_config_string("//idpc:ocspIssuer"), "r");
|
||||
if (!PEM_read_X509(fcert, &issuer, NULL, NULL)) {
|
||||
fprintf(stderr, "reading issuer cert failed\n");
|
||||
|
|
Reference in New Issue