ServerConfigurationManager: Check if a specified SSL certificate can be used when configuration is saved
Emby can only use certificates in PFX format which include a private key, and where the private key is not protected with a password. Checking these conditions early helps to avoid misconfigurations and reduce troubleshooting time...
This commit is contained in:
parent
7424457737
commit
f92b517eda
|
@ -171,12 +171,49 @@ namespace MediaBrowser.Server.Implementations.Configuration
|
|||
ValidateItemByNamePath(newConfig);
|
||||
ValidatePathSubstitutions(newConfig);
|
||||
ValidateMetadataPath(newConfig);
|
||||
ValidateSslCertificate(newConfig);
|
||||
|
||||
EventHelper.FireEventIfNotNull(ConfigurationUpdating, this, new GenericEventArgs<ServerConfiguration> { Argument = newConfig }, Logger);
|
||||
|
||||
base.ReplaceConfiguration(newConfiguration);
|
||||
}
|
||||
|
||||
|
||||
/// <summary>
|
||||
/// Validates the SSL certificate.
|
||||
/// </summary>
|
||||
/// <param name="newConfig">The new configuration.</param>
|
||||
/// <exception cref="System.IO.DirectoryNotFoundException"></exception>
|
||||
private void ValidateSslCertificate(BaseApplicationConfiguration newConfig)
|
||||
{
|
||||
var serverConfig = (ServerConfiguration)newConfig;
|
||||
|
||||
var certPath = serverConfig.CertificatePath;
|
||||
|
||||
if (!string.IsNullOrWhiteSpace(certPath))
|
||||
{
|
||||
// Validate
|
||||
if (!File.Exists(certPath))
|
||||
{
|
||||
throw new FileNotFoundException(string.Format("Certificate file '{0}' does not exist.", certPath));
|
||||
}
|
||||
|
||||
try
|
||||
{
|
||||
var cert = new System.Security.Cryptography.X509Certificates.X509Certificate2(certPath);
|
||||
|
||||
if (cert.PrivateKey == null)
|
||||
{
|
||||
throw new ArgumentException("Certificate does not contain a private key!");
|
||||
}
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
throw new ArgumentException(string.Format("Exception loading certificate: '{0}' - {1}", certPath, ex.Message));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private void ValidatePathSubstitutions(ServerConfiguration newConfig)
|
||||
{
|
||||
foreach (var map in newConfig.PathSubstitutions)
|
||||
|
|
Loading…
Reference in New Issue
Block a user