return cert, nil
}
}
- if CHIHasEdDSA(chi) {
- if cert := HostToEdDSACertificate[chi.ServerName]; cert != nil {
- return cert, nil
+ var cert *tls.Certificate
+ if len(HostToECDSACertificate) == 0 {
+ cert = HostToEdDSACertificate[chi.ServerName]
+ } else {
+ if CHIHasEdDSA(chi) {
+ if cert := HostToEdDSACertificate[chi.ServerName]; cert != nil {
+ return cert, nil
+ }
}
+ cert = HostToECDSACertificate[chi.ServerName]
}
- cert := HostToECDSACertificate[chi.ServerName]
if cert == nil {
return nil, errors.New("no certificate found")
}
if CHIHasGOST(chi) {
pool = HostGOSTClientAuth[chi.ServerName]
}
- if pool == nil && CHIHasEdDSA(chi) {
+ if pool == nil && (CHIHasEdDSA(chi) || len(HostECDSAClientAuth) == 0) {
pool = HostEdDSAClientAuth[chi.ServerName]
}
if pool == nil {
log.Fatalln(err)
}
pool.AddCert(ca)
+ (*hostClientAuth)[host] = pool
}
}
- if len(pool.Subjects()) > 0 {
- (*hostClientAuth)[host] = pool
- }
}
func LoadCertificates() {