--- Begin Message ---
Hello, when enabling TLS via ‘setTLSState' only the first certificate from the
certificate file is loaded and sent to the client.
This is often not enough as the client’s local trust store usually contains
only the root CA, and if the leaf certificate is not
directly signed by a root CA then additional intermediate certificates are
needed to verify the certificate chain.
In TLSState.cpp, using SSL_CTX_use_certificate_chain_file instead of
SSL_CTX_use_certificate_file would allow
loading a certificate together with its intermediates.
Thanks
--- End Message ---
_______________________________________________
live-devel mailing list
live-devel@lists.live555.com
http://lists.live555.com/mailman/listinfo/live-devel
