diff options
| author | Matthew Hodgson <matthew@matrix.org> | 2015-07-08 18:20:02 +0100 |
|---|---|---|
| committer | Matthew Hodgson <matthew@matrix.org> | 2015-07-08 18:20:02 +0100 |
| commit | 64afbe6ccd19bb2ec94f3fbb3d91586202c924fd (patch) | |
| tree | 6e7697a313ec97290195a7bad25408e2a153da9c /synapse/crypto | |
| parent | Merge pull request #197 from matrix-org/mjark/missing_regex_group (diff) | |
| download | synapse-64afbe6ccd19bb2ec94f3fbb3d91586202c924fd.tar.xz | |
add new optional config for tls_certificate_chain_path for folks with intermediary SSL certs
Diffstat (limited to 'synapse/crypto')
| -rw-r--r-- | synapse/crypto/context_factory.py | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/synapse/crypto/context_factory.py b/synapse/crypto/context_factory.py index 2f8618a0df..ea5dd1e7d3 100644 --- a/synapse/crypto/context_factory.py +++ b/synapse/crypto/context_factory.py @@ -38,6 +38,8 @@ class ServerContextFactory(ssl.ContextFactory): logger.exception("Failed to enable eliptic curve for TLS") context.set_options(SSL.OP_NO_SSLv2 | SSL.OP_NO_SSLv3) context.use_certificate(config.tls_certificate) + if config.tls_certificate_chain: + context.use_certificate_chain_file(config.tls_certificate_chain) if not config.no_tls: context.use_privatekey(config.tls_private_key) |