summary refs log tree commit diff
path: root/synapse/app/_base.py
diff options
context:
space:
mode:
authorRichard van der Hoff <1389908+richvdh@users.noreply.github.com>2019-02-12 10:51:31 +0000
committerGitHub <noreply@github.com>2019-02-12 10:51:31 +0000
commit32b781bfe20034052d71558c0ed9b0df511a1f77 (patch)
treeed369129869fa6d3db8dbb949e3d9058c29ccdc4 /synapse/app/_base.py
parentMerge pull request #4619 from matrix-org/rav/remove_docker_no_tls_hacks (diff)
downloadsynapse-32b781bfe20034052d71558c0ed9b0df511a1f77.tar.xz
Fix error when loading cert if tls is disabled (#4618)
If TLS is disabled, it should not be an error if no cert is given.

Fixes #4554.
Diffstat (limited to 'synapse/app/_base.py')
-rw-r--r--synapse/app/_base.py5
1 files changed, 3 insertions, 2 deletions
diff --git a/synapse/app/_base.py b/synapse/app/_base.py
index 50fd17c0be..5b0ca312e2 100644
--- a/synapse/app/_base.py
+++ b/synapse/app/_base.py
@@ -213,12 +213,13 @@ def refresh_certificate(hs):
     Refresh the TLS certificates that Synapse is using by re-reading them from
     disk and updating the TLS context factories to use them.
     """
-    hs.config.read_certificate_from_disk()
 
     if not hs.config.has_tls_listener():
-        # nothing else to do here
+        # attempt to reload the certs for the good of the tls_fingerprints
+        hs.config.read_certificate_from_disk(require_cert_and_key=False)
         return
 
+    hs.config.read_certificate_from_disk(require_cert_and_key=True)
     hs.tls_server_context_factory = context_factory.ServerContextFactory(hs.config)
 
     if hs._listening_services: