this is needed for the signer-client to load CAs when
he does not have the according private key.
Change-Id: Ib1a9c6fd9cde6ec3af1414f2b22faa22d1fa6fea
}
void CRL::sign( std::shared_ptr<CAConfig> ca ) {
+ if(!ca->caKey){
+ throw new std::invalid_argument("Cannot sign CRL with CA " + ca->name + " because it has no private key.");
+ }
+
// Updating necessary CRL props
std::shared_ptr<ASN1_TIME> tmptm( ASN1_TIME_new(), ASN1_TIME_free );
logger::error( "ERROR: Signing CA specified in profile could not be loaded." );
throw std::runtime_error("CA-key not found");
}
+ if(!ca->caKey){
+ throw std::runtime_error("Cannot sign certificate with CA " + ca->name + " because it has no private key.");
+ }
logger::note( "FINE: Key for Signing CA is correctly loaded." );
}
caKey = loadPkeyFromFile( path + "/ca.key" );
- if (!caKey) {
- throw new std::invalid_argument("ca name: " + name + " contains unreadable key.");
- }
ASN1_TIME* tm = X509_get_notBefore( ca.get() ); // tm MUST NOT be free'd; duplicate for owning copy.
notBefore = std::shared_ptr<ASN1_TIME>( ASN1_STRING_dup(tm), ASN1_TIME_free );