On 28.05.2018 12:06, Hauke Fath wrote: > On 05/21/18 17:55, Aki Tuomi wrote: >> ssl_ca is used only for validating client certificates. > > But it was used (though not documented, IIRC) for validating server > certs, too. Since intermediate CA certs are usually valid a lot longer > than the server certs, having to concat the certs is awkward, at best. > > I would very much like to see the pre-2.3 behaviour of "ssl_ca" restored. > > Cheerio, > hauke >
As far as I know, it has never been working as replacement for adding the chain to cert file. Aki
