summaryrefslogtreecommitdiff
path: root/cpp/src/IceSSL/OpenSSLEngine.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'cpp/src/IceSSL/OpenSSLEngine.cpp')
-rw-r--r--cpp/src/IceSSL/OpenSSLEngine.cpp22
1 files changed, 20 insertions, 2 deletions
diff --git a/cpp/src/IceSSL/OpenSSLEngine.cpp b/cpp/src/IceSSL/OpenSSLEngine.cpp
index c47e19eb99f..cc617008547 100644
--- a/cpp/src/IceSSL/OpenSSLEngine.cpp
+++ b/cpp/src/IceSSL/OpenSSLEngine.cpp
@@ -395,8 +395,22 @@ OpenSSLEngine::initialize()
// Establish the location of CA certificates.
//
{
- string caFile = properties->getProperty(propPrefix + "CertAuthFile");
- string caDir = properties->getPropertyWithDefault(propPrefix + "CertAuthDir", defaultDir);
+ string caFile = properties->getProperty(propPrefix + "CAs");
+ string caDir;
+ if(!caFile.empty())
+ {
+ if(!checkPath(caFile, defaultDir, false) && checkPath(caFile, defaultDir, true))
+ {
+ caDir = caFile;
+ caFile = "";
+ }
+ }
+ else
+ {
+ // Deprecated properties
+ caFile = properties->getProperty(propPrefix + "CertAuthFile");
+ caDir = properties->getProperty(propPrefix + "CertAuthDir");
+ }
const char* file = 0;
const char* dir = 0;
if(!caFile.empty())
@@ -452,6 +466,10 @@ OpenSSLEngine::initialize()
throw PluginInitializationException(__FILE__, __LINE__, msg);
}
}
+ else if(properties->getPropertyAsInt("IceSSL.UsePlatformCAs") > 0)
+ {
+ SSL_CTX_set_default_verify_paths(_ctx);
+ }
}
//
generated by cgit v1.2.3 (git 2.46.0) at 2025-08-04 00:02:50 +0000