"loadCertificateChain: either <path> or <format> is nullptr");
}
if (strcmp(format, "PEM") == 0) {
- if (SSL_CTX_use_certificate_chain_file(ctx_, path) == 0) {
+ if (SSL_CTX_use_certificate_chain_file(ctx_, path) != 1) {
int errnoCopy = errno;
std::string reason("SSL_CTX_use_certificate_chain_file: ");
reason.append(path);
}
}
+void SSLContext::loadCertKeyPairFromBufferPEM(
+ folly::StringPiece cert,
+ folly::StringPiece pkey) {
+ loadCertificateFromBufferPEM(cert);
+ loadPrivateKeyFromBufferPEM(pkey);
+ if (!isCertKeyPairValid()) {
+ throw std::runtime_error("SSL certificate and private key do not match");
+ }
+}
+
+void SSLContext::loadCertKeyPairFromFiles(
+ const char* certPath,
+ const char* keyPath,
+ const char* certFormat,
+ const char* keyFormat) {
+ loadCertificate(certPath, certFormat);
+ loadPrivateKey(keyPath, keyFormat);
+ if (!isCertKeyPairValid()) {
+ throw std::runtime_error("SSL certificate and private key do not match");
+ }
+}
+
+bool SSLContext::isCertKeyPairValid() const {
+ return SSL_CTX_check_private_key(ctx_) == 1;
+}
+
void SSLContext::loadTrustedCertificates(const char* path) {
if (path == nullptr) {
throw std::invalid_argument("loadTrustedCertificates: <path> is nullptr");