Hello Pete, Hello Alan, Hello list,
I don't know if anything has been done about chain certs in the new release, but I was able to get chained certs working with OpenSSL by changing the single call to SSL_CTX_use_certificate_file() in pop_tls_openssl.c to SSL_CTX_use_certificate_chain_file(). I then appended the intermediate cert from Thawte to the end of the cert.pem file (so there are 3 keys in the file).
I sent a note about this to one of the addresses listed on the qualcomm site, but I have no idea if anybody ever got it.
I tried the change, but I receive:
gcc -c -I.. -I.. -I. \
-I../mmangle -I../common -I/usr/local/ssl/include \
-g -O2 -DHAVE_CONFIG_H -DLINUX -DUNIX pop_tls_openssl.c -o pop_tls_openssl.o
pop_tls_openssl.c: In function `openssl_init':
pop_tls_openssl.c:366: too many arguments to function `SSL_CTX_use_certificate_chain_file'
make[1]: *** [pop_tls_openssl.o] Fehler 1
make[1]: Leaving directory `/root/qpopper4.0.5.sslpatch/popper'
make: *** [popper_server] Fehler 2
I was unable to find a list archive, so could you please tell me the exact change you've made? :-)
Thanks! Florian
