From 2c59f5b93f19c4b3c6d80c83bc37ba737ce4cd6f Mon Sep 17 00:00:00 2001
From: Muhammad Usama <m.usama@gmail.com>
Date: Wed, 5 Sep 2018 11:55:00 +0500
Subject: [PATCH] Fix for 0000428: Secure TCP/IP Connections with SSL...

check for empty string in pool_config->ssl_ca_cert before
trying to load root certificates
---
 src/utils/pool_ssl.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/utils/pool_ssl.c b/src/utils/pool_ssl.c
index 9f61fd7e1..5845497d5 100644
--- a/src/utils/pool_ssl.c
+++ b/src/utils/pool_ssl.c
@@ -654,7 +654,7 @@ SSL_ServerSide_init(void)
 	/*
 	 * Load CA store, so we can verify client certificates if needed.
 	 */
-	if (pool_config->ssl_ca_cert)
+	if (pool_config->ssl_ca_cert && strlen(pool_config->ssl_ca_cert))
 	{
 		char	   *cacert = NULL,
 				   *cacert_dir = NULL;
-- 
2.39.5