From 002b984c0450ba8ff2f865127de38b27de8ddc0b Mon Sep 17 00:00:00 2001
From: Neil Alexander <neilalexander@users.noreply.github.com>
Date: Sun, 18 Jun 2023 18:10:27 +0100
Subject: [PATCH] Fix private key setup when certificate not specified

---
 src/config/config.go | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/src/config/config.go b/src/config/config.go
index 1980cb21..fe55e827 100644
--- a/src/config/config.go
+++ b/src/config/config.go
@@ -151,7 +151,14 @@ func (cfg *NodeConfig) postprocessConfig() error {
 			return err
 		}
 	}
-	if cfg.Certificate == nil {
+	switch {
+	case cfg.Certificate == nil:
+		// No self-signed certificate has been generated yet.
+		fallthrough
+	case !bytes.Equal(cfg.Certificate.PrivateKey.(ed25519.PrivateKey), cfg.PrivateKey):
+		// A self-signed certificate was generated but the private
+		// key has changed since then, possibly because a new config
+		// was parsed.
 		if err := cfg.GenerateSelfSignedCertificate(); err != nil {
 			return err
 		}