Using "SSL_CTX_use_certificate_chain_file" instead of "SSL_CTX_use_certificate_file" to support server certificates signed by intermediaries.

commit: 9b3d4b215208ab7ec4f9b5ec1f356fa2f062b802 [log] [tgz]
author: David Galeano <davidgaleano@turbulenz.biz> Thu Jan 10 10:11:21 2013 +0800
committer: Andy Green <andy.green@linaro.org> Thu Jan 10 12:45:53 2013 +0800
tree: 8d0834b5f8089a87cc44036abbe804b425e167fc
parent: 0d586c4930cf68266d49fa0fcd2540e4f02efb44 [diff] [blame]
diff --git a/lib/libwebsockets.c b/lib/libwebsockets.c
index 2f8b453..18c780b 100644
--- a/lib/libwebsockets.c
+++ b/lib/libwebsockets.c

@@ -2800,8 +2800,8 @@
 		/* openssl init for server sockets */
 
 		/* set the local certificate from CertFile */
-		n = SSL_CTX_use_certificate_file(context->ssl_ctx,
-					ssl_cert_filepath, SSL_FILETYPE_PEM);
+		n = SSL_CTX_use_certificate_chain_file(context->ssl_ctx,
+					ssl_cert_filepath);
 		if (n != 1) {
 			fprintf(stderr, "problem getting cert '%s': %s\n",
 				ssl_cert_filepath,
commit	9b3d4b215208ab7ec4f9b5ec1f356fa2f062b802	[log] [tgz]
author	David Galeano <davidgaleano@turbulenz.biz>	Thu Jan 10 10:11:21 2013 +0800
committer	Andy Green <andy.green@linaro.org>	Thu Jan 10 12:45:53 2013 +0800
tree	8d0834b5f8089a87cc44036abbe804b425e167fc
parent	0d586c4930cf68266d49fa0fcd2540e4f02efb44 [diff] [blame]