Specify the type of the certificate to load, currently X509 only

diff --git a/src/conftest/conftest.c b/src/conftest/conftest.c
index 0d610c5b4f4f61f82d5270a7281cea0397bc2ca8..38ec833caa435a9ee35556eabb234844cb090ed9 100644 (file)
--- a/src/conftest/conftest.c
+++ b/src/conftest/conftest.c
@@ -110,6 +110,12 @@ static bool load_certs(settings_t *settings, char *dir)
        enumerator = settings->create_key_value_enumerator(settings, "certs.trusted");
        while (enumerator->enumerate(enumerator, &key, &value))
        {
+               if (!strcaseeq(key, "x509"))
+               {
+                       fprintf(stderr, "certificate type '%s' not supported\n", key);
+                       enumerator->destroy(enumerator);
+                       return FALSE;
+               }
                cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509,
                                                                  BUILD_FROM_FILE, value, BUILD_END);
                if (!cert)
@@ -126,6 +132,12 @@ static bool load_certs(settings_t *settings, char *dir)
        enumerator = settings->create_key_value_enumerator(settings, "certs.untrusted");
        while (enumerator->enumerate(enumerator, &key, &value))
        {
+               if (!strcaseeq(key, "x509"))
+               {
+                       fprintf(stderr, "certificate type '%s' not supported\n", key);
+                       enumerator->destroy(enumerator);
+                       return FALSE;
+               }
                cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509,
                                                                  BUILD_FROM_FILE, value, BUILD_END);
                if (!cert)