Revert "ConnectionManager: allow self-signed certificate" and generate ca
This reverts commit 62b657d75b4830326f1d0cd99d838ba6a40bacb3.
Change-Id: I1789883b516f96f6c5ffc664da6f940c3dcd3e61
diff --git a/src/connectionmanager.cpp b/src/connectionmanager.cpp
index 70d48e4..7243f53 100644
--- a/src/connectionmanager.cpp
+++ b/src/connectionmanager.cpp
@@ -1503,11 +1503,11 @@
top_issuer = top_issuer->issuer;
// Device certificate can't be self-signed
- /* if (top_issuer == crt) {
+ if (top_issuer == crt) {
if (logger)
logger->warn("Found invalid (self-signed) peer device: {}", crt->getLongId());
return false;
- } */
+ }
// Check peer certificate chain
// Trust store with top issuer as the only CA
@@ -1526,14 +1526,12 @@
return false;
}
- if (auto issuer = crt->issuer) {
- account_id = issuer->getId();
- if (logger)
- logger->warn("Found peer device: {} account:{} CA:{}",
- crt->getLongId(),
- account_id,
- top_issuer->getId());
- }
+ account_id = crt->issuer->getId();
+ if (logger)
+ logger->warn("Found peer device: {} account:{} CA:{}",
+ crt->getLongId(),
+ account_id,
+ top_issuer->getId());
return true;
}