summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGlenn Strauss <gstrauss@gluelogic.com>2017-11-04 16:42:52 -0400
committerGlenn Strauss <gstrauss@gluelogic.com>2017-11-04 17:01:32 -0400
commit1a22ca87f91905a4efd903218348803b199b3956 (patch)
tree8f18c614b84273067b9c7c406da5d3288a67d264
parent35ecd4dd9d3cd6a6437ae9f6bbd0fd135c614227 (diff)
downloadlighttpd1.4-1a22ca87f91905a4efd903218348803b199b3956.tar.gz
lighttpd1.4-1a22ca87f91905a4efd903218348803b199b3956.zip
[mod_openssl] allow specifying server cert chain (fixes #2692)
x-ref: "allow setting explicit SSL server certificate chain" https://redmine.lighttpd.net/issues/2692 https://github.com/lighttpd/lighttpd1.4/pull/62 github: closes #62
-rw-r--r--src/mod_openssl.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/src/mod_openssl.c b/src/mod_openssl.c
index 44ff8922..6001b3fd 100644
--- a/src/mod_openssl.c
+++ b/src/mod_openssl.c
@@ -843,7 +843,8 @@ network_init_ssl (server *srv, void *p_d)
}
}
- if (1 != SSL_CTX_use_certificate(s->ssl_ctx, s->ssl_pemfile_x509)) {
+ if (1 != SSL_CTX_use_certificate_chain_file(s->ssl_ctx,
+ s->ssl_pemfile->ptr)) {
log_error_write(srv, __FILE__, __LINE__, "ssb", "SSL:",
ERR_error_string(ERR_get_error(), NULL),
s->ssl_pemfile);