diff options
| author |  Tobias Wiese <tobias@tobiaswiese.com>
| 2021-05-23 01:39:15 +0200 |
|---|---|---|
| committer |  waja <waja@users.noreply.github.com>
| 2022-01-30 12:25:56 +0100 |
| commit | 31bdbfce92de2dc7717fe13a8d1ca8e7dbf850d4 (patch) | |
| tree | 27c5416f0096e89f168c1baaa1909537fb453223 /plugins/sslutils.c | |
| parent | 986b2479465648c49a7eefc3fbf4df8860e3e4b7 (diff) | |
| download | monitoring-plugins-31bdbfce92de2dc7717fe13a8d1ca8e7dbf850d4.tar.gz | |
sslutils: use chain from client certificates
sslutils used to load only the first certificate when it was given a
client certificate file.
Added tests for check_http to connect to a http server that expects a
client certificate (simple and with chain).
Signed-off-by: Tobias Wiese <tobias@tobiaswiese.com>
Diffstat (limited to 'plugins/sslutils.c')
| -rw-r--r-- | plugins/sslutils.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/plugins/sslutils.c b/plugins/sslutils.c index 14f6579d..286273f6 100644 --- a/plugins/sslutils.c +++ b/plugins/sslutils.c @@ -134,7 +134,7 @@ int np_net_ssl_init_with_hostname_version_and_cert(int sd, char *host_name, int return STATE_CRITICAL; } if (cert && privkey) { - SSL_CTX_use_certificate_file(c, cert, SSL_FILETYPE_PEM); + SSL_CTX_use_certificate_chain_file(c, cert); SSL_CTX_use_PrivateKey_file(c, privkey, SSL_FILETYPE_PEM); #ifdef USE_OPENSSL if (!SSL_CTX_check_private_key(c)) { |