HPCC-27255 TLS cert/key as buffers 3

Signed-off-by: Mark Kelly <[email protected]>
hpcc-systems · Sep 7, 2023 · 9ab52fe · 9ab52fe
1 parent fb17ee0
commit 9ab52fe
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 2 deletions.
diff --git a/esp/bindings/SOAP/Platform/soapbind.cpp b/esp/bindings/SOAP/Platform/soapbind.cpp
@@ -286,7 +286,7 @@ static IPropertyTree *createSecClientConfigBuf(const char *clientCertBuf, const
     if (!isEmptyString(caCertsBuf))
     {
         IPropertyTree *ca = ensurePTree(verify, "ca_certificates");
-        ca->setProp("@pem", caCertsBuf);
+        ca->setProp("pem", caCertsBuf);
     }
     verify->setPropBool("@enable", true);
     verify->setPropBool("@accept_selfsigned", acceptSelfSigned);

diff --git a/system/security/securesocket/securesocket.cpp b/system/security/securesocket/securesocket.cpp
@@ -1286,6 +1286,8 @@ static bool isPEMBuffer(const char *certBuf)
     // -----BEGIN PRIVATE KEY-----
     // -----BEGIN RSA PRIVATE KEY-----
     // -----BEGIN CERTIFICATE-----
+    // or maybe just:
+    // -----BEGIN
 
     if ( (strstr(certBuf, "-----BEGIN PRIVATE KEY-----")) ||
          (strstr(certBuf, "-----BEGIN RSA PRIVATE KEY-----")) ||
@@ -1528,7 +1530,7 @@ class CSecureSocketContext : implements ISecureSocketContext, public CInterface
 
         if(m_verify)
         {
-            const char *cacertbuf = config->queryProp("verify/ca_certificates/@pem");
+            const char *cacertbuf = config->queryProp("verify/ca_certificates/pem");
             if (cacertbuf && *cacertbuf)
             {
                 // can have multiple certs in buffer