Hello,

I encountered a problem that mod_ssl (httpd-2.0.43) always skips
a leading certificate of SSLCertificateChainFile.

So, I checked the source code of httpd-2.0.43, and I found the related
code in "ssl_engine_init.c".  In a function
"ssl_init_ctx_cert_chain()", a function
"SSL_CTX_use_certificate_chain()" is invoked with some arguments - the
third argument is a local boolean variable "skip_first".  If
skip_first is TRUE, SSL_CTX_use_certificate_chain() skips a leading
certificate of SSLCertificateChainFile.  Because
ssl_init_ctx_cert_chain() initializes skip_first to TRUE and doesn't
make it FALSE, skip_first is always TRUE.  Therefore, a leading
certificate of SSLCertificateChainFile is always skipped.
I think skip_first should be initialized to FALSE.

(Since mod_ssl-2.8.12-1.3.27 works fine,
 I checked its source code.  There is similar code, and
 skip_first is initialized to FALSE.)

----
Tadasuke SUDO
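
The effect reported above, as an added example that is not code from the post or from httpd: a small PEM block scanner showing which entries of a chain file are kept when the leading one is skipped. The names select_chain and SAMPLE_CHAIN are hypothetical, and the sample bundle is constructed with placeholder bodies.

```c
#include <stdio.h>
#include <string.h>

#define PEM_BEGIN "-----BEGIN CERTIFICATE-----"
#define PEM_END   "-----END CERTIFICATE-----"

/* Constructed sample chain file: placeholder bodies, not real certificates. */
static const char SAMPLE_CHAIN[] =
    "-----BEGIN CERTIFICATE-----\nPLACEHOLDER-INTERMEDIATE-CA\n-----END CERTIFICATE-----\n"
    "-----BEGIN CERTIFICATE-----\nPLACEHOLDER-ROOT-CA\n-----END CERTIFICATE-----\n";

/*
 * Walk the PEM blocks in `pem` and record the 0-based index of every block
 * that would be kept as a chain certificate. With skip_first != 0 the leading
 * block is read and discarded, which is the behaviour the post describes.
 * Returns the number of kept blocks, or -1 on a BEGIN without a matching END.
 */
int select_chain(const char *pem, int skip_first, int *kept, int max_kept)
{
    int index = 0, n = 0;
    const char *p = pem;

    while ((p = strstr(p, PEM_BEGIN)) != NULL) {
        const char *end = strstr(p, PEM_END);
        if (end == NULL)
            return -1;                       /* truncated block */
        if (!(skip_first && index == 0) && n < max_kept)
            kept[n++] = index;               /* block stays in the chain */
        index++;
        p = end + strlen(PEM_END);
    }
    return n;
}

int main(void)
{
    int kept[8];
    for (int skip = 0; skip <= 1; skip++) {
        int n = select_chain(SAMPLE_CHAIN, skip, kept, 8);
        printf("skip_first=%d -> %d chain cert(s), first kept block: %d\n",
               skip, n, n > 0 ? kept[0] : -1);
    }
    return 0;
}
```

With the flag set, the intermediate CA block at index 0 is dropped and only the second block remains, so a client that does not already hold the intermediate cannot build the path to the root.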
