Commit 4fa79aa7 authored by Fabian Mauchle's avatar Fabian Mauchle Committed by Linus Nordberg

create new cert_store before reloading CAs and CRLs

Conflicts:
	ChangeLog
parent 9a565fe0
2017-10-?? 1.6.9
Bug fixes:
- Completely reload CAs and CRLs with cacheExpiry (RADSECPROXY-50).
2016-09-21 1.6.8
Bug fixes:
- Stop waiting on writable when reading a TCP socket.
......
......@@ -158,6 +158,7 @@ static int tlsaddcacrl(SSL_CTX *ctx, struct tls *conf) {
X509_STORE *x509_s;
unsigned long error;
SSL_CTX_set_cert_store(ctx, X509_STORE_new());
if (!SSL_CTX_load_verify_locations(ctx, conf->cacertfile, conf->cacertpath)) {
while ((error = ERR_get_error()))
debug(DBG_ERR, "SSL: %s", ERR_error_string(error, NULL));
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment