Support SSL certificate chains in the server certificate file.

author Magnus Hagander <magnus@hagander.net>

Mon, 11 May 2009 08:06:21 +0000 (08:06 +0000)

committer Magnus Hagander <magnus@hagander.net>

Mon, 11 May 2009 08:06:21 +0000 (08:06 +0000)
author Magnus Hagander <magnus@hagander.net>
Mon, 11 May 2009 08:06:21 +0000 (08:06 +0000)
committer Magnus Hagander <magnus@hagander.net>
Mon, 11 May 2009 08:06:21 +0000 (08:06 +0000)
diff --git a/src/backend/libpq/be-secure.c b/src/backend/libpq/be-secure.c

index 44575e3591928d6652944150b109c784605611fd..a0946dcbb2564c14b923288f06737ce9eb947bac 100644 (file)
--- a/src/backend/libpq/be-secure.c
+++ b/src/backend/libpq/be-secure.c
@@ -729,9 +729,8 @@ initialize_SSL(void)
                 /*
                  * Load and verify certificate and private key
                  */
-               if (SSL_CTX_use_certificate_file(SSL_context,
-                                                                                 SERVER_CERT_FILE,
-                                                                                 SSL_FILETYPE_PEM) != 1)
+               if (SSL_CTX_use_certificate_chain_file(SSL_context,
+                                                                                 SERVER_CERT_FILE) != 1)
                         ereport(FATAL,
                                         (errcode(ERRCODE_CONFIG_FILE_ERROR),
                                   errmsg("could not load server certificate file \"%s\": %s",
author	Magnus Hagander <magnus@hagander.net>
	Mon, 11 May 2009 08:06:21 +0000 (08:06 +0000)
committer	Magnus Hagander <magnus@hagander.net>
	Mon, 11 May 2009 08:06:21 +0000 (08:06 +0000)