mirror of
https://github.com/signalwire/freeswitch.git
synced 2025-03-31 02:33:44 +00:00
FS-6174 --resolve after updating to this revision, put ca-bundle.crt in /usr/local/freeswitch/certs to get chain cert in place for both dtls and wss
This commit is contained in:
parent
035985859c
commit
0a3e18a308
@ -1 +1 @@
|
|||||||
Sun Jan 26 07:59:10 UTC 2014
|
Fri Jan 31 20:16:45 CDT 2014
|
||||||
|
@ -338,6 +338,7 @@ static int tport_ws_init_primary_secure(tport_primary_t *pri,
|
|||||||
tport_ws_primary_t *wspri = (tport_ws_primary_t *)pri;
|
tport_ws_primary_t *wspri = (tport_ws_primary_t *)pri;
|
||||||
const char *cert = "/ssl.pem";
|
const char *cert = "/ssl.pem";
|
||||||
const char *key = "/ssl.pem";
|
const char *key = "/ssl.pem";
|
||||||
|
const char *chain = NULL;
|
||||||
char *homedir;
|
char *homedir;
|
||||||
char *tbf = NULL;
|
char *tbf = NULL;
|
||||||
su_home_t autohome[SU_HOME_AUTO_SIZE(1024)];
|
su_home_t autohome[SU_HOME_AUTO_SIZE(1024)];
|
||||||
@ -361,11 +362,13 @@ static int tport_ws_init_primary_secure(tport_primary_t *pri,
|
|||||||
key = su_sprintf(autohome, "%s/%s", path, "wss.key");
|
key = su_sprintf(autohome, "%s/%s", path, "wss.key");
|
||||||
if (access(key, R_OK) != 0) key = NULL;
|
if (access(key, R_OK) != 0) key = NULL;
|
||||||
cert = su_sprintf(autohome, "%s/%s", path, "wss.crt");
|
cert = su_sprintf(autohome, "%s/%s", path, "wss.crt");
|
||||||
|
chain = su_sprintf(autohome, "%s/%s", path, "ca-bundle.crt");
|
||||||
if (access(cert, R_OK) != 0) cert = NULL;
|
if (access(cert, R_OK) != 0) cert = NULL;
|
||||||
if ( !key ) key = su_sprintf(autohome, "%s/%s", path, "wss.pem");
|
if ( !key ) key = su_sprintf(autohome, "%s/%s", path, "wss.pem");
|
||||||
if ( !cert ) cert = su_sprintf(autohome, "%s/%s", path, "wss.pem");
|
if ( !cert ) cert = su_sprintf(autohome, "%s/%s", path, "wss.pem");
|
||||||
if (access(key, R_OK) != 0) key = NULL;
|
if (access(key, R_OK) != 0) key = NULL;
|
||||||
if (access(cert, R_OK) != 0) cert = NULL;
|
if (access(cert, R_OK) != 0) cert = NULL;
|
||||||
|
if (access(chain, R_OK) != 0) chain = NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
init_ssl();
|
init_ssl();
|
||||||
@ -379,6 +382,10 @@ static int tport_ws_init_primary_secure(tport_primary_t *pri,
|
|||||||
|
|
||||||
if ( !wspri->ssl_ctx ) goto done;
|
if ( !wspri->ssl_ctx ) goto done;
|
||||||
|
|
||||||
|
if (chain) {
|
||||||
|
SSL_CTX_use_certificate_chain_file(wspri->ssl_ctx, chain);
|
||||||
|
}
|
||||||
|
|
||||||
/* set the local certificate from CertFile */
|
/* set the local certificate from CertFile */
|
||||||
SSL_CTX_use_certificate_file(wspri->ssl_ctx, cert, SSL_FILETYPE_PEM);
|
SSL_CTX_use_certificate_file(wspri->ssl_ctx, cert, SSL_FILETYPE_PEM);
|
||||||
/* set the private key from KeyFile */
|
/* set the private key from KeyFile */
|
||||||
|
Loading…
x
Reference in New Issue
Block a user