diff options
author | Bjørn Christian Seime <bjorncs@yahooinc.com> | 2023-06-19 11:44:59 +0200 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@yahooinc.com> | 2023-06-19 11:46:13 +0200 |
commit | 5b2df4778f222694005c6d9a9032d87b0c52ed9f (patch) | |
tree | 5a37aba35c50ea02fa5758e113b2b9808480b960 /jdisc-security-filters | |
parent | 3caa0acf54f360a3cd090ea583a933376461a32b (diff) |
Fail if PEM does not contain any certificate entries
Diffstat (limited to 'jdisc-security-filters')
-rw-r--r-- | jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/cloud/CloudDataPlaneFilter.java | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/cloud/CloudDataPlaneFilter.java b/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/cloud/CloudDataPlaneFilter.java index 7d8b9ba3c60..96602fcd899 100644 --- a/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/cloud/CloudDataPlaneFilter.java +++ b/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/cloud/CloudDataPlaneFilter.java @@ -103,6 +103,8 @@ public class CloudDataPlaneFilter extends JsonSecurityRequestFilterBase { throw new IllegalArgumentException( "Client '%s' contains invalid X.509 certificate PEM: %s".formatted(c.id(), e.toString()), e); } + if (certs.isEmpty()) throw new IllegalArgumentException( + "Client '%s' certificate PEM contains no valid X.509 entries".formatted(c.id())); clients.add(new Client(c.id(), permissions, certs, Map.of())); hasClientRequiringCertificate = true; } else { |