Don't look for an TLS private key if we have set --no-tls

2025-07-22 01:58:41 -04:00 · 2015-03-06 11:34:06 +00:00 · 2015-03-06 11:34:06 +00:00 · 3ce8540484
commit 3ce8540484
parent e780492ecf
3 changed files with 17 additions and 8 deletions
--- a/synapse/crypto/context_factory.py
+++ b/synapse/crypto/context_factory.py
@ -38,7 +38,10 @@ class ServerContextFactory(ssl.ContextFactory):
            logger.exception("Failed to enable eliptic curve for TLS")
        context.set_options(SSL.OP_NO_SSLv2 | SSL.OP_NO_SSLv3)
        context.use_certificate(config.tls_certificate)
-        context.use_privatekey(config.tls_private_key)
+
+        if not config.no_tls:
+            context.use_privatekey(config.tls_private_key)
+
        context.load_tmp_dh(config.tls_dh_params_path)
        context.set_cipher_list("!ADH:HIGH+kEDH:!AECDH:HIGH+kEECDH")