Fix error when loading cert if tls is disabled (#4618)

If TLS is disabled, it should not be an error if no cert is given. Fixes #4554.
author: Richard van der Hoff <1389908+richvdh@users.noreply.github.com> 2019-02-12 10:51:31 +0000
committer: GitHub <noreply@github.com> 2019-02-12 10:51:31 +0000
commit: 32b781bfe20034052d71558c0ed9b0df511a1f77 (patch)
tree: ed369129869fa6d3db8dbb949e3d9058c29ccdc4 /synapse/app/_base.py
parent: Merge pull request #4619 from matrix-org/rav/remove_docker_no_tls_hacks (diff)
download: synapse-32b781bfe20034052d71558c0ed9b0df511a1f77.tar.xz
1 files changed, 3 insertions, 2 deletions
diff --git a/synapse/app/_base.py b/synapse/app/_base.py
index 50fd17c0be..5b0ca312e2 100644
--- a/synapse/app/_base.py
+++ b/synapse/app/_base.py
@@ -213,12 +213,13 @@ def refresh_certificate(hs):
     Refresh the TLS certificates that Synapse is using by re-reading them from
     disk and updating the TLS context factories to use them.
     """
-    hs.config.read_certificate_from_disk()
 
     if not hs.config.has_tls_listener():
-        # nothing else to do here
+        # attempt to reload the certs for the good of the tls_fingerprints
+        hs.config.read_certificate_from_disk(require_cert_and_key=False)
         return
 
+    hs.config.read_certificate_from_disk(require_cert_and_key=True)
     hs.tls_server_context_factory = context_factory.ServerContextFactory(hs.config)
 
     if hs._listening_services:
author	Richard van der Hoff <1389908+richvdh@users.noreply.github.com>	2019-02-12 10:51:31 +0000
committer	GitHub <noreply@github.com>	2019-02-12 10:51:31 +0000
commit	32b781bfe20034052d71558c0ed9b0df511a1f77 (patch)
tree	ed369129869fa6d3db8dbb949e3d9058c29ccdc4 /synapse/app/_base.py
parent	Merge pull request #4619 from matrix-org/rav/remove_docker_no_tls_hacks (diff)
download	synapse-32b781bfe20034052d71558c0ed9b0df511a1f77.tar.xz