Prohibit making connection based on old CA cert.
This is fix for issue #107.
Tested:
Reproduction steps from #107 was followed. mTLS way of authentication
was used. As a result connection try based on user certificate
generated from already replaced CA certificate was dropped. Bmcweb
didn't allow make such connection.
Change-Id: I4709927b5fc108e5b26b7db1981ae77c6aa8a5bf
Signed-off-by: Zbigniew Lukwinski <zbigniew.lukwinski@linux.intel.com>
diff --git a/http/http_server.h b/http/http_server.h
index ef50bf7..82ba9d0 100644
--- a/http/http_server.h
+++ b/http/http_server.h
@@ -200,6 +200,14 @@
{
BMCWEB_LOG_INFO << "Receivied reload signal";
loadCertificate();
+ boost::system::error_code ec;
+ acceptor->cancel(ec);
+ if (ec)
+ {
+ BMCWEB_LOG_ERROR
+ << "Error while canceling async operations:"
+ << ec.message();
+ }
this->startAsyncWaitForSignal();
}
else