summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--synapse/config/tls.py5
-rw-r--r--synapse/crypto/context_factory.py4
2 files changed, 3 insertions, 6 deletions
diff --git a/synapse/config/tls.py b/synapse/config/tls.py
index 945af38053..5fef63846d 100644
--- a/synapse/config/tls.py
+++ b/synapse/config/tls.py
@@ -32,10 +32,7 @@ class TlsConfig(Config):
         tls_certificate_chain_path = config.get("tls_certificate_chain_path")
 
         if tls_certificate_chain_path and os.path.exists(tls_certificate_chain_path):
-            self.tls_certificate_chain = self.read_tls_certificate(
-                config.get("tls_certificate_chain_path"),
-                "tls_certificate_chain"
-            )
+            self.tls_certificate_chain_file = tls_certificate_chain_path
         else:
             self.tls_certificate_chain = None
 
diff --git a/synapse/crypto/context_factory.py b/synapse/crypto/context_factory.py
index 324dc31fe4..d515007ca0 100644
--- a/synapse/crypto/context_factory.py
+++ b/synapse/crypto/context_factory.py
@@ -38,8 +38,8 @@ class ServerContextFactory(ssl.ContextFactory):
             logger.exception("Failed to enable elliptic curve for TLS")
         context.set_options(SSL.OP_NO_SSLv2 | SSL.OP_NO_SSLv3)
         context.use_certificate(config.tls_certificate)
-        if config.tls_certificate_chain:
-            context.use_certificate_chain_file(config.tls_certificate_chain)
+        if config.tls_certificate_chain_file:
+            context.use_certificate_chain_file(config.tls_certificate_chain_file)
 
         if not config.no_tls:
             context.use_privatekey(config.tls_private_key)