certs: misleading message (#6004)

2026-03-14 08:34:39 +00:00 · 2022-09-06 13:36:58 +03:00 · 2022-09-06 13:36:58 +03:00 · 7e8ac1eb59
commit 7e8ac1eb59
parent 96229a2e23
1 changed files with 7 additions and 2 deletions
--- a/src/etc/inc/certs.inc
+++ b/src/etc/inc/certs.inc
@ -700,8 +700,13 @@ function crl_update(&$crl)
            $x509_cert = new X509();
            $x509_cert->loadCA($ca_str_crt);
            $raw_cert = $x509_cert->loadX509(base64_decode($cert['crt']));
-            if (!$x509_cert->validateSignature(false)) {
-                syslog(LOG_ERR, "Cert revocation error: CA validation failed.");
+            try {
+                if (!$x509_cert->validateSignature(false)) {
+                    syslog(LOG_ERR, "Cert revocation error: Revoked certificate validation failed.");
+                    return false;
+                }
+            } catch (Exception $e) {
+                syslog(LOG_ERR, 'Cert revocation error: Revoked certificate validation failed ' . $e);
                return false;
            }
            /* Get serial number of cert */