Leave only pkcs8 keys support for proxy.

rsa_private_keys() function returns an empty vector when tries to read pkcs8-encoded file instead of returning an error. So previous check was failing on pkcs8. Leave only pkcs8 for now.
2026-01-05 20:42:54 +00:00 · 2021-09-27 10:31:37 +03:00
parent 70b08923ed
commit f84eaf4f05
1 changed files with 1 additions and 2 deletions
--- a/proxy/src/main.rs
+++ b/proxy/src/main.rs
@@ -56,8 +56,7 @@ fn configure_ssl(arg_matches: &ArgMatches) -> anyhow::Result<Option<Arc<ServerCo

    let key = {
        let key_bytes = std::fs::read(key_path).context("SSL key file")?;
-        let mut keys = pemfile::rsa_private_keys(&mut &key_bytes[..])
-            .or_else(|_| pemfile::pkcs8_private_keys(&mut &key_bytes[..]))
+        let mut keys = pemfile::pkcs8_private_keys(&mut &key_bytes[..])
            .map_err(|_| anyhow!("couldn't read TLS keys"))?;
        ensure!(keys.len() == 1, "keys.len() = {} (should be 1)", keys.len());
        keys.pop().unwrap()