@@ -402,7 +402,6 @@ let sslDir = documents.appendingPathComponent("SSL", isDirectory: true)
402402var tlsIdentity : sec_identity_t ? = nil
403403var tlsEnabled = false
404404let p12URL = sslDir. appendingPathComponent ( " localhost.p12 " )
405- let fm = FileManager . default
406405
407406if fm. fileExists ( atPath: p12URL. path) {
408407 if let pData = try ? Data ( contentsOf: p12URL) {
@@ -417,19 +416,15 @@ if fm.fileExists(atPath: p12URL.path) {
417416
418417 // The import dictionary values are Any; safely cast to SecIdentity
419418 if let identityAny = first [ kSecImportItemIdentity as String ] {
420- if let identityRef = identityAny as? SecIdentity {
421- // Convert to sec_identity_t for sec_protocol_options_set_local_identity()
422- if let secId = sec_identity_create ( identityRef) {
423- tlsIdentity = secId
424- tlsEnabled = true
425- print ( " TLS identity loaded from PKCS#12 — TLS enabled. " )
426- // NOTE: Do NOT free sec_identity_t here; leave it for the listener while running.
427- } else {
428- print ( " sec_identity_create failed; falling back to HTTP " )
429- }
419+ let identityRef = identityAny as! SecIdentity
420+ // Convert to sec_identity_t for sec_protocol_options_set_local_identity()
421+ if let secId = sec_identity_create ( identityRef) {
422+ tlsIdentity = secId
423+ tlsEnabled = true
424+ print ( " TLS identity loaded from PKCS#12 — TLS enabled. " )
425+ // NOTE: Do NOT free sec_identity_t here; leave it for the listener while running.
430426 } else {
431- // Value existed but wasn't castable to SecIdentity
432- print ( " PKCS#12 import produced a value that isn't SecIdentity. Will start HTTP only. " )
427+ print ( " sec_identity_create failed; falling back to HTTP " )
433428 }
434429 } else {
435430 // No identity entry in the import result
0 commit comments