This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch 10.1.x in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.1.x by this push: new 4a7977e6e2 Clear error earlier 4a7977e6e2 is described below commit 4a7977e6e24209d50ec78f962f1824c1d270147c Author: remm <r...@apache.org> AuthorDate: Tue Jun 18 16:40:41 2024 +0200 Clear error earlier --- .../tomcat/util/net/openssl/panama/LocalStrings.properties | 1 + .../apache/tomcat/util/net/openssl/panama/OpenSSLContext.java | 11 ++++++++++- 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/java/org/apache/tomcat/util/net/openssl/panama/LocalStrings.properties b/java/org/apache/tomcat/util/net/openssl/panama/LocalStrings.properties index 307fa3f4a2..c0923cbda0 100644 --- a/java/org/apache/tomcat/util/net/openssl/panama/LocalStrings.properties +++ b/java/org/apache/tomcat/util/net/openssl/panama/LocalStrings.properties @@ -58,6 +58,7 @@ openssl.errorLoadingCertificateWithError=Error loading certificate [{0}] with er openssl.errorLoadingPassword=Error loading password file: [{0}] openssl.errorLoadingPrivateKey=Error loading private key: [{0}] openssl.errorPrivateKeyCheck=Private key does not match the certificate public key: [{0}] +openssl.errorReadingPEMParameters=Failed reading PEM parameters [{0}] for certificate [{1}] openssl.errorSSLCtxInit=Error initializing SSL context openssl.invalidSslProtocol=An invalid value [{0}] was provided for the SSLProtocol attribute openssl.keyManagerMissing=No key manager found diff --git a/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java b/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java index 9a8ba2ea2b..3dedf0fd22 100644 --- a/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java +++ b/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java @@ -1068,6 +1068,10 @@ public class OpenSSLContext implements org.apache.tomcat.util.net.SSLContext { log.debug(sm.getString("openssl.setCustomDHParameters", Integer.valueOf(numBits), certificate.getCertificateFile())); } } else { + String errMessage = OpenSSLLibrary.getLastError(); + if (errMessage != null) { + log.debug(sm.getString("openssl.errorReadingPEMParameters", errMessage, certificate.getCertificateFile())); + } SSL_CTX_ctrl(state.sslCtx, SSL_CTRL_SET_DH_AUTO(), 1, MemorySegment.NULL); } } @@ -1220,9 +1224,14 @@ public class OpenSSLContext implements org.apache.tomcat.util.net.SSLContext { EVP_PKEY_free(pkey); } else { log.debug(sm.getString("openssl.setCustomDHParameters", Integer.valueOf(numBits), - certificate.getCertificateFile())); + x509KeyManager.toString())); } } else { + String errMessage = OpenSSLLibrary.getLastError(); + if (errMessage != null) { + log.debug(sm.getString("openssl.errorReadingPEMParameters", errMessage, + x509KeyManager.toString())); + } SSL_CTX_ctrl(state.sslCtx, SSL_CTRL_SET_DH_AUTO(), 1, MemorySegment.NULL); } } --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org