MOON
Server: Apache
System: Linux 54-179-220-51.cprapid.com 3.10.0-1160.144.1.el7.tuxcare.els4.x86_64 #1 SMP Tue Apr 7 08:40:40 UTC 2026 x86_64
User: hunarpak (1005)
PHP: 7.4.29
Disabled: NONE
$ pwd: /opt/imunify360-webshield/nginx/lua/
Upload Files
File: //opt/imunify360-webshield/nginx/lua/ssl.lua
local ngx_ssl = require('ngx.ssl')
local ssl_utils = require("webshield.sslutils")


local function get_address()

    local addr, atype, err = ngx_ssl.raw_server_addr()

    if not addr then
        ngx.log(ngx.ERR, "Unable to fetch raw server addr: ", err)
        return
    end

    local byte = string.byte

    if atype == "inet" then  -- IPv4

        local ip = string.format(
            "%d.%d.%d.%d",
            byte(addr, 1), byte(addr, 2), byte(addr, 3), byte(addr, 4))

        return ip
    elseif atype == "inet6" then -- IPv6

        local ip = string.format(
            "%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x",
            byte(addr, 1), byte(addr, 2), byte(addr, 3), byte(addr, 4),
            byte(addr, 5), byte(addr, 6), byte(addr, 7), byte(addr, 8),
            byte(addr, 9), byte(addr, 10), byte(addr, 11), byte(addr, 12),
            byte(addr, 13), byte(addr, 14), byte(addr, 15), byte(addr, 16))

        return ip
    else                         -- unix socket unsupported
        ngx.log(ngx.WARN, "IP addresses only supported")
    end
end


local function set_cert()

    local addr = get_address()
    if not addr then
        return
    end

    local name = ngx_ssl.server_name()

    local ssl = ssl_utils.get_cert_by_host(name, addr)

    if not ssl then
        return
    end

    ngx_ssl.clear_certs()

    ngx_ssl.set_cert(ssl.crt)

    ngx_ssl.set_priv_key(ssl.key)
end

set_cert()
@ Telegram