Greetings. I was wondering if there were any plans to add support for an SSL certificate chain file? This is useful to provide a valid certificate chain for lower cost signing authorities. I'm afraid that I'm not 100% positive of the implementation requirements. Although it does seem that OpenSSL supports this concept. I am aware that Apache HTTPD (via mod_ssl) and Courier-IMAP offer support for this feature. Here's a link to information from the Apache HTTPD manual: http://httpd.apache.org/docs-2.0/mod/mod_ssl.html#sslcertificatechainfile Thank you for the continued development of a great project. Matt
Matthew P. Cox wrote:> I was wondering if there were any plans to add support for an SSL > certificate chain file?I works right out of the box, at least with 1.0-tests. Just put all chained certificates in ssl_cert_file, starting with local server public certificate and ending with root certificate of Verisign, Thawte, Globalsign or whatever CA. -- Tomi Hakala