diff options
| author | Tobias Wiese <tobias@tobiaswiese.com> | 2021-05-22 23:39:15 (GMT) |
|---|---|---|
| committer | waja <waja@users.noreply.github.com> | 2022-01-30 11:25:56 (GMT) |
| commit | 31bdbfce92de2dc7717fe13a8d1ca8e7dbf850d4 (patch) | |
| tree | 27c5416f0096e89f168c1baaa1909537fb453223 /plugins/sslutils.c | |
| parent | 986b2479465648c49a7eefc3fbf4df8860e3e4b7 (diff) | |
| download | monitoring-plugins-31bdbfc.tar.gz | |
sslutils: use chain from client certificates
sslutils used to load only the first certificate when it was given a
client certificate file.
Added tests for check_http to connect to a http server that expects a
client certificate (simple and with chain).
Signed-off-by: Tobias Wiese <tobias@tobiaswiese.com>
Diffstat (limited to 'plugins/sslutils.c')
| -rw-r--r-- | plugins/sslutils.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/plugins/sslutils.c b/plugins/sslutils.c index 14f6579..286273f 100644 --- a/plugins/sslutils.c +++ b/plugins/sslutils.c | |||
| @@ -134,7 +134,7 @@ int np_net_ssl_init_with_hostname_version_and_cert(int sd, char *host_name, int | |||
| 134 | return STATE_CRITICAL; | 134 | return STATE_CRITICAL; |
| 135 | } | 135 | } |
| 136 | if (cert && privkey) { | 136 | if (cert && privkey) { |
| 137 | SSL_CTX_use_certificate_file(c, cert, SSL_FILETYPE_PEM); | 137 | SSL_CTX_use_certificate_chain_file(c, cert); |
| 138 | SSL_CTX_use_PrivateKey_file(c, privkey, SSL_FILETYPE_PEM); | 138 | SSL_CTX_use_PrivateKey_file(c, privkey, SSL_FILETYPE_PEM); |
| 139 | #ifdef USE_OPENSSL | 139 | #ifdef USE_OPENSSL |
| 140 | if (!SSL_CTX_check_private_key(c)) { | 140 | if (!SSL_CTX_check_private_key(c)) { |