diff options
| author | Vlad Turchenko <vlad@penza19.com> | 2021-03-16 16:55:29 -0600 |
|---|---|---|
| committer | Michael Grunder <michael.grunder@gmail.com> | 2022-09-08 14:02:29 -0700 |
| commit | 5392adc26515e4ac26ebd612eb88282bdb23a1a4 (patch) | |
| tree | 7a9f9defc9b73a3c820011f49fb60fae7f45a6c0 | |
| parent | 560e6648627cfd9bf347cffe5616d8043cbe940e (diff) | |
set default SSL certificate directory
| -rw-r--r-- | hiredis_ssl.h | 1 | ||||
| -rw-r--r-- | ssl.c | 5 |
2 files changed, 6 insertions, 0 deletions
diff --git a/hiredis_ssl.h b/hiredis_ssl.h index 26bc9e9..cef8893 100644 --- a/hiredis_ssl.h +++ b/hiredis_ssl.h @@ -56,6 +56,7 @@ typedef enum { REDIS_SSL_CTX_CERT_KEY_REQUIRED, /* Client cert and key must both be specified or skipped */ REDIS_SSL_CTX_CA_CERT_LOAD_FAILED, /* Failed to load CA Certificate or CA Path */ REDIS_SSL_CTX_CLIENT_CERT_LOAD_FAILED, /* Failed to load client certificate */ + REDIS_SSL_CTX_CLIENT_DEFAULT_CERT_FAILED, /* Failed to set client default certificate directory */ REDIS_SSL_CTX_PRIVATE_KEY_LOAD_FAILED, /* Failed to load private key */ REDIS_SSL_CTX_OS_CERTSTORE_OPEN_FAILED, /* Failed to open system certifcate store */ REDIS_SSL_CTX_OS_CERT_ADD_FAILED /* Failed to add CA certificates obtained from system to the SSL context */ @@ -293,6 +293,11 @@ redisSSLContext *redisCreateSSLContextWithOptions(redisSSLOptions *options, redi if (error) *error = REDIS_SSL_CTX_CA_CERT_LOAD_FAILED; goto error; } + } else { + if (!SSL_CTX_set_default_verify_paths(ctx->ssl_ctx)) { + if (error) *error = REDIS_SSL_CTX_CLIENT_DEFAULT_CERT_FAILED; + goto error; + } } if (cert_filename) { |