Log the default location of trusted CA certificates when tlsTrustCertsFilePath is not specified (#429)

BewareMyPower · web-flow · commit 739f0f0c8083 · 2024-06-17T16:00:55.000+08:00
### Motivation

Currently when `tlsTrustCertsFilePath` is not specified, default
locations of CA certificates will be used. However, these paths are
determined by the compile option when building OpenSSL and they are
invisible to users. If the OS uses a different path, the TLS connection
will fail with no helpful error message.
diff --git a/lib/ClientConnection.cc b/lib/ClientConnection.cc
@@ -18,6 +18,7 @@
  */
 #include "ClientConnection.h"
 
+#include <openssl/x509.h>
 #include <pulsar/MessageIdBuilder.h>
 
 #include <boost/optional.hpp>
@@ -227,6 +228,7 @@ ClientConnection::ClientConnection(const std::string& logicalAddress, const std:
                 }
             } else {
                 ctx.set_default_verify_paths();
+                LOG_INFO("Use " << X509_get_default_cert_file() << " as default CA path");
             }
         }
 

Original file line number	Diff line number	Diff line change
`@@ -18,6 +18,7 @@`
`18`	`18`	`*/`
`19`	`19`	`#include "ClientConnection.h"`
`20`	`20`
	`21`	`+#include <openssl/x509.h>`
`21`	`22`	`#include <pulsar/MessageIdBuilder.h>`
`22`	`23`
`23`	`24`	`#include <boost/optional.hpp>`
`@@ -227,6 +228,7 @@ ClientConnection::ClientConnection(const std::string& logicalAddress, const std:`
`227`	`228`	`}`
`228`	`229`	`} else {`
`229`	`230`	`ctx.set_default_verify_paths();`
	`231`	`+ LOG_INFO("Use " << X509_get_default_cert_file() << " as default CA path");`
`230`	`232`	`}`
`231`	`233`	`}`
`232`	`234`