[pve-devel] [PATCH manager 2/3] fix #3745: handle overridden TLS key location

Fabian Grünbichler f.gruenbichler at proxmox.com
Fri Dec 17 13:57:31 CET 2021


Signed-off-by: Fabian Grünbichler <f.gruenbichler at proxmox.com>
---
 PVE/Service/pveproxy.pm | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/PVE/Service/pveproxy.pm b/PVE/Service/pveproxy.pm
index 61424d77..b746ebf1 100755
--- a/PVE/Service/pveproxy.pm
+++ b/PVE/Service/pveproxy.pm
@@ -131,9 +131,13 @@ sub init {
     if (defined($proxyconf->{DHPARAMS})) {
 	$self->{server_config}->{ssl}->{dh_file} = $proxyconf->{DHPARAMS};
     }
-    if (-f '/etc/pve/local/pveproxy-ssl.pem' && -f '/etc/pve/local/pveproxy-ssl.key') {
+    my $custom_key_path = '/etc/pve/local/pveproxy-ssl.key';
+    if (defined($proxyconf->{TLS_KEY_FILE})) {
+	$custom_key_path = $proxyconf->{TLS_KEY_FILE};
+    }
+    if (-f '/etc/pve/local/pveproxy-ssl.pem' && -f $custom_key_path) {
 	$self->{server_config}->{ssl}->{cert_file} = '/etc/pve/local/pveproxy-ssl.pem';
-	$self->{server_config}->{ssl}->{key_file} = '/etc/pve/local/pveproxy-ssl.key';
+	$self->{server_config}->{ssl}->{key_file} = $custom_key_path;
 	syslog('info', 'Using \'/etc/pve/local/pveproxy-ssl.pem\' as certificate for the web interface.');
     }
 }
-- 
2.30.2






More information about the pve-devel mailing list