projects
/
citadel.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
ef9c7f3
)
* crypto.c: allow use of chained certificates
author
Art Cancro
<ajc@citadel.org>
Sat, 5 Mar 2005 22:26:26 +0000
(22:26 +0000)
committer
Art Cancro
<ajc@citadel.org>
Sat, 5 Mar 2005 22:26:26 +0000
(22:26 +0000)
webcit/ChangeLog
patch
|
blob
|
history
webcit/crypto.c
patch
|
blob
|
history
diff --git
a/webcit/ChangeLog
b/webcit/ChangeLog
index 97c5edf7fec112ffe18bfcaabe2e35950ef48004..95efa2abb5d8bd33470d69bc5afe36792030e1f2 100644
(file)
--- a/
webcit/ChangeLog
+++ b/
webcit/ChangeLog
@@
-1,4
+1,7
@@
$Log$
$Log$
+Revision 603.7 2005/03/05 22:26:26 ajc
+* crypto.c: allow use of chained certificates
+
Revision 603.6 2005/03/05 05:04:34 ajc
* minor html changes
Revision 603.6 2005/03/05 05:04:34 ajc
* minor html changes
@@
-2457,4
+2460,3
@@
Sun Dec 6 19:50:55 EST 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
1998-12-03 Nathan Bryant <bryant@cs.usm.maine.edu>
* webserver.c: warning fix
1998-12-03 Nathan Bryant <bryant@cs.usm.maine.edu>
* webserver.c: warning fix
-
diff --git
a/webcit/crypto.c
b/webcit/crypto.c
index 27e6893d07412c5aaed5115a9fc334284822c7eb..5e690e4e745cae0eb0d31618a6b779e7410d1fa4 100644
(file)
--- a/
webcit/crypto.c
+++ b/
webcit/crypto.c
@@
-332,8
+332,10
@@
void init_ssl(void)
/*
* Now try to bind to the key and certificate.
/*
* Now try to bind to the key and certificate.
+ * Note that we use SSL_CTX_use_certificate_chain_file() which allows
+ * the certificate file to contain intermediate certificates.
*/
*/
- SSL_CTX_use_certificate_
file(ssl_ctx, CTDL_CER_PATH, SSL_FILETYPE_PEM
);
+ SSL_CTX_use_certificate_
chain_file(ssl_ctx, CTDL_CER_PATH
);
SSL_CTX_use_PrivateKey_file(ssl_ctx, CTDL_KEY_PATH, SSL_FILETYPE_PEM);
if ( !SSL_CTX_check_private_key(ssl_ctx) ) {
lprintf(3, "Cannot install certificate: %s\n",
SSL_CTX_use_PrivateKey_file(ssl_ctx, CTDL_KEY_PATH, SSL_FILETYPE_PEM);
if ( !SSL_CTX_check_private_key(ssl_ctx) ) {
lprintf(3, "Cannot install certificate: %s\n",