From eb97a4d6491a38186bbfd4cdf5cbd5f2cd46e1ee Mon Sep 17 00:00:00 2001
From: vicanso <tree.xie@outlook.com>
Date: Sun, 15 Dec 2024 20:29:38 +0800
Subject: [PATCH] refactor: add error log for self signed certificate fail

---
 src/config/common.rs             |  2 +-
 src/proxy/dynamic_certificate.rs | 26 ++++++++++++++++----------
 2 files changed, 17 insertions(+), 11 deletions(-)

diff --git a/src/config/common.rs b/src/config/common.rs
index 0d8746c..f82ccfc 100644
--- a/src/config/common.rs
+++ b/src/config/common.rs
@@ -1347,7 +1347,7 @@ ai02RHnemmqJaNepfmCdyec=
         let result = conf.validate();
         assert_eq!(true, result.is_ok());
 
-        assert_eq!("488642d0e54f33b6", conf.hash_key());
+        assert_eq!("df7255ff75e0f40c", conf.hash_key());
     }
 
     #[test]
diff --git a/src/proxy/dynamic_certificate.rs b/src/proxy/dynamic_certificate.rs
index 2433ec7..35a58c6 100644
--- a/src/proxy/dynamic_certificate.rs
+++ b/src/proxy/dynamic_certificate.rs
@@ -482,16 +482,22 @@ impl pingora::listeners::TlsAccept for DynamicCertificate {
 
         // root ca
         if d.is_root {
-            if let Ok(result) =
-                d.get_self_signed_cert(server_name.unwrap_or_default())
-            {
-                ssl_certificate(
-                    ssl,
-                    &result.0,
-                    &result.1,
-                    &d.chain_certificate,
-                );
-            }
+            match d.get_self_signed_cert(server_name.unwrap_or_default()) {
+                Ok(result) => {
+                    ssl_certificate(
+                        ssl,
+                        &result.0,
+                        &result.1,
+                        &d.chain_certificate,
+                    );
+                },
+                Err(err) => {
+                    error!(
+                        error = err.to_string(),
+                        "get self signed cert fail"
+                    );
+                },
+            };
             return;
         }