-/* $Id$ */
+/*
+ * $Id$
+ *
+ * Provides HTTPS, when the OpenSSL library is available.
+ */
#ifdef HAVE_OPENSSL
-
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
* Initialize SSL transport layer
*/
SSL_library_init();
- OpenSSL_add_all_algorithms();
+ /* OpenSSL_add_all_algorithms(); */
SSL_load_error_strings();
ssl_method = SSLv2_server_method();
if (!(ssl_ctx = SSL_CTX_new(ssl_method))) {
/*
* Now try to bind to the key and certificate.
+ * Note that we use SSL_CTX_use_certificate_chain_file() which allows
+ * the certificate file to contain intermediate certificates.
*/
- SSL_CTX_use_certificate_file(ssl_ctx, CTDL_CER_PATH, SSL_FILETYPE_PEM);
+ SSL_CTX_use_certificate_chain_file(ssl_ctx, CTDL_CER_PATH);
SSL_CTX_use_PrivateKey_file(ssl_ctx, CTDL_KEY_PATH, SSL_FILETYPE_PEM);
if ( !SSL_CTX_check_private_key(ssl_ctx) ) {
lprintf(3, "Cannot install certificate: %s\n",