diff options
| -rw-r--r-- | ChangeLog | 4 | ||||
| -rw-r--r-- | tlscommon.c | 1 |
2 files changed, 5 insertions, 0 deletions
@@ -1,3 +1,7 @@ +2017-10-?? 1.6.9 + Bug fixes: + - Completely reload CAs and CRLs with cacheExpiry (RADSECPROXY-50). + 2016-09-21 1.6.8 Bug fixes: - Stop waiting on writable when reading a TCP socket. diff --git a/tlscommon.c b/tlscommon.c index 3d27a35..ca0fa83 100644 --- a/tlscommon.c +++ b/tlscommon.c @@ -158,6 +158,7 @@ static int tlsaddcacrl(SSL_CTX *ctx, struct tls *conf) { X509_STORE *x509_s; unsigned long error; + SSL_CTX_set_cert_store(ctx, X509_STORE_new()); if (!SSL_CTX_load_verify_locations(ctx, conf->cacertfile, conf->cacertpath)) { while ((error = ERR_get_error())) debug(DBG_ERR, "SSL: %s", ERR_error_string(error, NULL)); |