remove the tls_certificate_chain_path param and simply support tls_certificate_path pointing to a file containing a chain of certificates

2025-08-07 14:42:12 -04:00 · 2015-07-09 00:45:41 +01:00 · 2015-07-09 00:45:41 +01:00 · fb8d2862c1
commit fb8d2862c1
parent 8ad2d2d1cb
2 changed files with 10 additions and 24 deletions
--- a/synapse/crypto/context_factory.py
+++ b/synapse/crypto/context_factory.py
@ -37,9 +37,7 @@ class ServerContextFactory(ssl.ContextFactory):
        except:
            logger.exception("Failed to enable elliptic curve for TLS")
        context.set_options(SSL.OP_NO_SSLv2 | SSL.OP_NO_SSLv3)
-        context.use_certificate(config.tls_certificate)
-        if config.tls_certificate_chain_file:
-            context.use_certificate_chain_file(config.tls_certificate_chain_file)
+        context.use_certificate_chain_file(config.tls_certificate_file)

        if not config.no_tls:
            context.use_privatekey(config.tls_private_key)