diff options
| author | andreer <andreer@verizonmedia.com> | 2019-09-19 02:38:27 +0200 |
|---|---|---|
| committer | andreer <andreer@verizonmedia.com> | 2019-09-19 02:38:27 +0200 |
| commit | 5dae8d7cd8371c374c262ce8e04a9c342b280496 (patch) | |
| tree | 7c0b1e0a33de63a453d25784b0139e861fc493ec /jdisc_http_service | |
| parent | f20cdeb2c1e4268cf27930d3a1f8a03201c76356 (diff) | |
set up tls using complete cert chain in config/file
Diffstat (limited to 'jdisc_http_service')
| -rw-r--r-- | jdisc_http_service/src/main/java/com/yahoo/jdisc/http/ssl/impl/ConfiguredSslContextFactoryProvider.java | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/ssl/impl/ConfiguredSslContextFactoryProvider.java b/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/ssl/impl/ConfiguredSslContextFactoryProvider.java index 23a46cfd119..48a7c246500 100644 --- a/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/ssl/impl/ConfiguredSslContextFactoryProvider.java +++ b/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/ssl/impl/ConfiguredSslContextFactoryProvider.java @@ -40,12 +40,12 @@ public class ConfiguredSslContextFactoryProvider extends TlsContextBasedProvider if (!sslConfig.enabled()) throw new IllegalStateException(); PrivateKey privateKey = KeyUtils.fromPemEncodedPrivateKey(getPrivateKey(sslConfig)); - X509Certificate certificate = X509CertificateUtils.fromPem(getCertificate(sslConfig)); + List<X509Certificate> certificates = X509CertificateUtils.certificateListFromPem(getCertificate(sslConfig)); List<X509Certificate> caCertificates = getCaCertificates(sslConfig) .map(X509CertificateUtils::certificateListFromPem) .orElse(List.of()); PeerAuthentication peerAuthentication = toPeerAuthentication(sslConfig.clientAuth()); - return new DefaultTlsContext(List.of(certificate), privateKey, caCertificates, null, null, peerAuthentication); + return new DefaultTlsContext(certificates, privateKey, caCertificates, null, null, peerAuthentication); } private static void validateConfig(ConnectorConfig.Ssl config) { |