Add options to set additional type specific certificate chains to
[openssl.git] / apps / s_cb.c
index 4395f19..b21a428 100644 (file)
@@ -250,7 +250,8 @@ int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file)
        return(1);
        }
 
-int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key)
+int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key,
+                                                       STACK_OF(X509) *chain)
        {
        if (cert ==  NULL)
                return 1;
@@ -275,6 +276,12 @@ int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key)
                BIO_printf(bio_err,"Private key does not match the certificate public key\n");
                return 0;
                }
+       if (chain && !SSL_CTX_set1_chain(ctx, chain))
+               {
+               BIO_printf(bio_err,"error setting certificate chain\n");
+               ERR_print_errors(bio_err);
+               return 0;
+               }
        return 1;
        }