Support certificate chains

This commit is contained in:
Tilka 2013-09-06 01:44:25 +02:00
parent a81757c483
commit 591d0ba5bb
2 changed files with 2 additions and 2 deletions

View File

@ -432,7 +432,7 @@
<option name="tls_certificate" type="file" default=""> <option name="tls_certificate" type="file" default="">
<short>Certificate file</short> <short>Certificate file</short>
<description><![CDATA[ <description><![CDATA[
Path to a TLS/SSL certificate (PEM format). Path to a TLS/SSL certificate or certificate chain (PEM format).
]]></description> ]]></description>
<since>0.3.0</since> <since>0.3.0</since>
</option> </option>

View File

@ -127,7 +127,7 @@ extern void net_ssl_context_destroy(struct ssl_context_handle* ctx_)
int ssl_load_certificate(struct ssl_context_handle* ctx_, const char* pem_file) int ssl_load_certificate(struct ssl_context_handle* ctx_, const char* pem_file)
{ {
struct net_context_openssl* ctx = (struct net_context_openssl*) ctx_; struct net_context_openssl* ctx = (struct net_context_openssl*) ctx_;
if (SSL_CTX_use_certificate_file(ctx->ssl_ctx, pem_file, SSL_FILETYPE_PEM) < 0) if (SSL_CTX_use_certificate_chain_file(ctx->ssl_ctx, pem_file) < 0)
{ {
LOG_ERROR("SSL_CTX_use_certificate_file: %s", ERR_error_string(ERR_get_error(), NULL)); LOG_ERROR("SSL_CTX_use_certificate_file: %s", ERR_error_string(ERR_get_error(), NULL));
return 0; return 0;