changeset 1880:a7c1f1b6ef05

mod_checkcerts: Improve error handling when loading certificate
author Kim Alvefur <zash@zash.se>
date Tue, 29 Sep 2015 14:56:46 +0200 (2015-09-29)
parents 18123e0f5d58
children 3683eb95bc1a
files mod_checkcerts/mod_checkcerts.lua
diffstat 1 files changed, 11 insertions(+), 8 deletions(-) [+]
line wrap: on
line diff
--- a/mod_checkcerts/mod_checkcerts.lua	Tue Sep 29 14:53:16 2015 +0200
+++ b/mod_checkcerts/mod_checkcerts.lua	Tue Sep 29 14:56:46 2015 +0200
@@ -50,15 +50,18 @@
 	end
 
 	local certfile = ssl_config.certificate;
-	local fh = io.open(certfile); -- Load the file.
-	cert = fh and fh:read"*a";
-	fh = fh and fh:close();
-	local cert = cert and load_cert(cert); -- And parse
+	local fh, ferr = io.open(certfile); -- Load the file.
+	if not fh then
+		log("warn", "Could not open certificate %s", ferr);
+		return;
+	end
+	local cert, lerr = load_cert(fh:read("*a")); -- And parse
+	fh:close();
+	if not cert then
+		log("warn", "Could not parse certificate %s: %s", certfile, lerr or "");
+		return;
+	end
 
-	if not cert then
-		module:log("warn", "No certificate configured for this host, please fix this and reload this module to check expiry");
-		return
-	end
 	local expires_at = parse_x509_datetime(cert:notafter());
 	local expires_in = os.difftime(expires_at, now);
 	local fmt =  "Certificate %s expires in %s"