+ syslog(LOG_DEBUG, "crypto: [re]installing key \"%s\" and certificate \"%s\"", key_file, cert_file);
+
+ SSL_CTX_use_certificate_chain_file(new_ctx, cert_file);
+ SSL_CTX_use_PrivateKey_file(new_ctx, key_file, SSL_FILETYPE_PEM);
+
+ if ( !SSL_CTX_check_private_key(new_ctx) ) {
+ syslog(LOG_WARNING, "crypto: cannot install certificate: %s", ERR_reason_error_string(ERR_get_error()));
+ }
+
+ old_ctx = ssl_ctx;
+ ssl_ctx = new_ctx;
+ sleep(1);
+ SSL_CTX_free(old_ctx);
+}
+
+
+// initialize ssl engine, load certs and initialize openssl internals
+void init_ssl(void) {
+
+ // Initialize the OpenSSL library
+ SSL_load_error_strings();
+ ERR_load_crypto_strings();
+ OpenSSL_add_all_algorithms();
+ SSL_library_init();