aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/tls/credentials_manager.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/tls/credentials_manager.cpp')
-rw-r--r--src/lib/tls/credentials_manager.cpp13
1 files changed, 8 insertions, 5 deletions
diff --git a/src/lib/tls/credentials_manager.cpp b/src/lib/tls/credentials_manager.cpp
index 43ba7650a..3762dc149 100644
--- a/src/lib/tls/credentials_manager.cpp
+++ b/src/lib/tls/credentials_manager.cpp
@@ -129,11 +129,14 @@ void Credentials_Manager::verify_certificate_chain(
Path_Validation_Restrictions restrictions;
- auto result = x509_path_validate(cert_chain,
- restrictions,
- trusted_CAs,
- purported_hostname,
- choose_leaf_usage(type));
+ Path_Validation_Result result = x509_path_validate(cert_chain,
+ restrictions,
+ trusted_CAs,
+ purported_hostname,
+ choose_leaf_usage(type));
+
+ if(!result.successful_validation())
+ throw std::runtime_error("Certificate validation failure: " + result.result_string());
if(!cert_in_some_store(trusted_CAs, result.trust_root()))
throw std::runtime_error("Certificate chain roots in unknown/untrusted CA");
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-02 04:24:23 +0000