+ /* Check that the proxy certificate file exists and is readable for this
+ * domain. This ensures we send an "invalid" certificate even if the proxy
+ * certificate doesn't exist. */
+ if (proxy_certificate_path(hostname, path, sizeof(path)) != 0) {
+ return -1;
+ }
+ file = fopen(path, "r");
+ if (file == NULL) {
+ LOG(LOG_WARNING,
+ "verify_tls_connection(): proxy certificate doesn't exist: '%s'",
+ path);
+ return -1;
+ }
+ fclose(file);
+