Skip to content

Commit f261935

Browse files
boazsegevboazsegev
authored
Merge pull request #151 from dwolrdcojp/fix-ssl-certs
Improve handling of intermediate certificates in public key for SSL_CTX configuration
2 parents 7b8e5fc + 549e0fc commit f261935

File tree

1 file changed

+5
-1
lines changed

1 file changed

+5
-1
lines changed

lib/facil/tls/fio_tls_openssl.c

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -423,7 +423,11 @@ static void fio_tls_build_context(fio_tls_s *tls) {
423423
X509_INFO *tmp = sk_X509_INFO_value(inf, i);
424424
if (tmp->x509) {
425425
FIO_LOG_DEBUG("TLS adding certificate from PEM file.");
426-
SSL_CTX_use_certificate(tls->ctx, tmp->x509);
426+
if (i == 0) {
427+
SSL_CTX_use_certificate(tls->ctx, tmp->x509);
428+
} else {
429+
SSL_CTX_add1_chain_cert(tls->ctx, tmp->x509);
430+
}
427431
}
428432
if (tmp->x_pkey) {
429433
FIO_LOG_DEBUG("TLS adding private key from PEM file.");

0 commit comments

Comments
 (0)