Skip to content

Commit

Permalink
coap_openssl.c: Revert out using SSL_use_certificate_chain_file()
Browse files Browse the repository at this point in the history 
Go back to using SSL_use_certificate_file().
Unexpected side effects with CA validation which needs further
troubleshooting to get to root cause.
  • Loading branch information
@mrdeep1
mrdeep1 committed May 13, 2024
1 parent 5d77688 commit e521eab
Showing 1 changed file with 6 additions and 4 deletions.
10 changes: 6 additions & 4 deletions src/coap_openssl.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1643,8 +1643,9 @@ setup_pki_server(SSL_CTX *ctx,
key.key.define.public_cert.u_byte[0]) {
switch (key.key.define.public_cert_def) {
case COAP_PKI_KEY_DEF_PEM: /* define public cert */
if (!(SSL_CTX_use_certificate_chain_file(ctx,
key.key.define.public_cert.s_byte))) {
if (!(SSL_CTX_use_certificate_file(ctx,
key.key.define.public_cert.s_byte,
SSL_FILETYPE_PEM))) {
return coap_dtls_define_issue(COAP_DEFINE_KEY_PUBLIC,
COAP_DEFINE_FAIL_BAD,
&key, COAP_DTLS_ROLE_SERVER, 0);
Expand Down Expand Up @@ -2080,8 +2081,9 @@ setup_pki_ssl(SSL *ssl,
key.key.define.public_cert.u_byte[0]) {
switch (key.key.define.public_cert_def) {
case COAP_PKI_KEY_DEF_PEM: /* define public cert */
if (!(SSL_use_certificate_chain_file(ssl,
key.key.define.public_cert.s_byte))) {
if (!(SSL_use_certificate_file(ssl,
key.key.define.public_cert.s_byte,
SSL_FILETYPE_PEM))) {
return coap_dtls_define_issue(COAP_DEFINE_KEY_PUBLIC,
COAP_DEFINE_FAIL_BAD,
&key, role, 0);
Expand Down

0 comments on commit e521eab

Please sign in to comment.