Mercurial > hg > orthanc

--- a/NEWS	Fri May 03 13:58:28 2024 +0200
+++ b/NEWS	Tue May 07 19:20:01 2024 +0200
@@ -16,6 +16,12 @@
 * Removed potential PHI from the logs when Orthanc encounters an error while
   creating a zip file.

+Bug Fixes
+---------
+
+* When working with "DicomTlsEnabled": true and "DicomTlsRemoteCertificateRequired": false,
+  Orthanc was refusing to start if no "DicomTlsTrustedCertificates" was provided.
+

 REST API
 --------
--- a/OrthancFramework/Sources/DicomNetworking/Internals/DicomTls.cpp	Fri May 03 13:58:28 2024 +0200
+++ b/OrthancFramework/Sources/DicomNetworking/Internals/DicomTls.cpp	Tue May 07 19:20:01 2024 +0200
@@ -76,7 +76,7 @@
         throw OrthancException(ErrorCode_ParameterOutOfRange, "Unknown role");
       }

-      if (!SystemToolbox::IsRegularFile(trustedCertificatesPath))
+      if (requireRemoteCertificate && !SystemToolbox::IsRegularFile(trustedCertificatesPath))
       {
         throw OrthancException(ErrorCode_InexistentFile, "Cannot read file with trusted certificates for DICOM TLS: " +
                                trustedCertificatesPath);
@@ -120,7 +120,7 @@
         new DcmTLSTransportLayer(tmpRole /*opt_networkRole*/, NULL /*opt_readSeedFile*/,
                                  OFFalse /*initializeOpenSSL, done by Orthanc::Toolbox::InitializeOpenSsl()*/));

-      if (IsFailure(tls->addTrustedCertificateFile(trustedCertificatesPath.c_str(), DCF_Filetype_PEM /*opt_keyFileFormat*/)))
+      if (requireRemoteCertificate && IsFailure(tls->addTrustedCertificateFile(trustedCertificatesPath.c_str(), DCF_Filetype_PEM /*opt_keyFileFormat*/)))
       {
         throw OrthancException(ErrorCode_BadFileFormat, "Cannot parse PEM file with trusted certificates for DICOM TLS: " +
                                trustedCertificatesPath);