This commit fixes loading the certificate chain files so that the full
chain could be sent to the clients which require that for
verification. Before that fix only the top most certificate would be
loaded from the chain and sent to clients preventing some of them to
perform certificate validation (e.g. Windows 10 DoH client).
EVP_PKEY_free(pkey);
BN_free(bn);
} else {
- rv = SSL_CTX_use_certificate_file(ctx, certfile,
- SSL_FILETYPE_PEM);
+ rv = SSL_CTX_use_certificate_chain_file(ctx, certfile);
if (rv != 1) {
goto ssl_error;
}