From 5b50bc89bc9698563ed535ebc6c2ae61cf73d3c8 Mon Sep 17 00:00:00 2001
From: Paul Harris
Date: Sat, 14 Sep 2024 07:47:41 +0800
Subject: [PATCH] Throw exceptions when server's keys can't be loaded.
---
 httplib.h | 22 ++++++++++++++++------
 1 file changed, 16 insertions(+), 6 deletions(-)
diff --git a/httplib.h b/httplib.h
index 121ce34955..851cb65dfc 100644
--- a/httplib.h
+++ b/httplib.h
@@ -9003,12 +9003,22 @@ inline SSLServer::SSLServer(const char *cert_path, const char *private_key_path,
 reinterpret_cast(const_cast(private_key_password)));
 }
 
- if (SSL_CTX_use_certificate_chain_file(ctx_, cert_path) != 1 ||
- SSL_CTX_use_PrivateKey_file(ctx_, private_key_path, SSL_FILETYPE_PEM) !=
- 1 ||
- SSL_CTX_check_private_key(ctx_) != 1) {
- SSL_CTX_free(ctx_);
- ctx_ = nullptr;
+ if (strlen(cert_path) > 0) {
+ if (SSL_CTX_use_certificate_chain_file(ctx_, cert_path) != 1) {
+ SSL_CTX_free(ctx_);
+ ctx_ = nullptr;
+ throw std::runtime_error( std::string("Cert chain file: ") + ERR_error_string(ERR_get_error(), nullptr) );
+ }
+ if (SSL_CTX_use_PrivateKey_file(ctx_, private_key_path, SSL_FILETYPE_PEM) != 1) {
+ SSL_CTX_free(ctx_);
+ ctx_ = nullptr;
+ throw std::runtime_error( std::string("Cert privatekey file: ") + ERR_error_string(ERR_get_error(), nullptr) );
+ }
+ if (SSL_CTX_check_private_key(ctx_) != 1) {
+ SSL_CTX_free(ctx_);
+ ctx_ = nullptr;
+ throw std::runtime_error( std::string("Cert check privatekey: ") + ERR_error_string(ERR_get_error(), nullptr) );
+ }
 } else if (client_ca_cert_file_path || client_ca_cert_dir_path) {
 SSL_CTX_load_verify_locations(ctx_, client_ca_cert_file_path,
 client_ca_cert_dir_path);
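Review bot: The unchanged `} else if (client_ca_cert_file_path || client_ca_cert_dir_path) {` line now pairs with the new `if (strlen(cert_path) > 0)` rather than with the old load-failure test, so when a server certificate is configured and loads cleanly the `SSL_CTX_load_verify_locations` call is skipped. Whatever client-verification setup follows it in that branch lies outside the hunk, but it would be skipped too, which appears to silently turn off client-certificate checking for exactly the servers that have a certificate. Closing the certificate block first and testing the CA paths on their own restores the old behaviour: `}` followed by `if (client_ca_cert_file_path || client_ca_cert_dir_path) {`. The new guard also dereferences `cert_path` unconditionally, so `if (cert_path && cert_path[0] != '\0') {` avoids undefined behaviour on a null argument. An empty path now leaves a live `ctx_` with no certificate or key, where the old code freed it and set it to `nullptr`; if that is intended it deserves a comment such as `// empty cert_path: caller installs the certificate on ctx_ later`.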