we expect the server cert to be first like the rfc says

2015-11-04 19:22:37 -08:00
parent bf319cf593
commit b529fd3bea
1 changed files with 2 additions and 0 deletions
--- a/src/settings.js
+++ b/src/settings.js
@@ -290,6 +290,8 @@ function getAll(callback) {
    });
 }

+// note: https://tools.ietf.org/html/rfc4346#section-7.4.2 (certificate_list) requires that the
+// servers certificate appears first (and not the intermediate cert)
 function validateCertificate(cert, key, fqdn) {
    assert(cert === null || typeof cert === 'string');
    assert(key === null || typeof key === 'string');