OpenSSL: Load chain certificates from client_cert file
This helps the server to build the chain to trusted CA when PEM encoding of client_cert is used with multiple listed certificates. This was already done for the server certificate configuration, but the client certificate was limited to using only the first certificate in the file. Signed-off-by: Isaac Boukris <iboukris@gmail.com>
This commit is contained in:
parent
fb60dbdcec
commit
658c39809b
1 changed files with 2 additions and 3 deletions
|
@ -2757,10 +2757,9 @@ static int tls_connection_client_cert(struct tls_connection *conn,
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (SSL_use_certificate_file(conn->ssl, client_cert,
|
if (SSL_use_certificate_chain_file(conn->ssl, client_cert) == 1) {
|
||||||
SSL_FILETYPE_PEM) == 1) {
|
|
||||||
ERR_clear_error();
|
ERR_clear_error();
|
||||||
wpa_printf(MSG_DEBUG, "OpenSSL: SSL_use_certificate_file (PEM)"
|
wpa_printf(MSG_DEBUG, "OpenSSL: SSL_use_certificate_chain_file"
|
||||||
" --> OK");
|
" --> OK");
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue