Hi,

Say, I have a servercert.pem, serverkey.pem and cacert.pem.  When
using SSL_CTX_use_certificate_chain_file() to load a cert file as the
second argument, I will have to construct the file like this:

cat servercert.pem serverkey.pem cacert.pem > server.pem

and use server.pem in the API.

My question is why I need to put in the private server key when loading the
certificates?

What's even more confusing to me is that later on I have to use
SSL_CTX_use_PrivateKey_file() to load the private key file which again is
the same as server.pem.

I might have misunderstood something, or these two APIs might have
internally picked the ones they need and ignored the rest in the file. Maybe
it's just a convenient way to use a single file for both.

David
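
An added example, not part of the original post and not OpenSSL's own code: OpenSSL's PEM readers select blocks by their BEGIN label, which is why one combined file can be handed to both SSL_CTX_use_certificate_chain_file() and SSL_CTX_use_PrivateKey_file(). The Python script below applies the same label-based selection to split a combined server.pem into a certificate-only chain file and a separate key file readable only by its owner; the output names chain.pem and key.pem and the sample bundle are assumptions constructed here.

```python
import os
import re
import tempfile

# PEM blocks are identified by the label in their BEGIN/END lines.
PEM_BLOCK = re.compile(
    r"-----BEGIN ([A-Z0-9 ]+)-----\r?\n.*?\r?\n-----END \1-----", re.DOTALL)
CERT_LABELS = {"CERTIFICATE", "TRUSTED CERTIFICATE", "X509 CERTIFICATE"}
KEY_LABELS = {"PRIVATE KEY", "RSA PRIVATE KEY", "EC PRIVATE KEY",
              "ENCRYPTED PRIVATE KEY"}

def split_bundle(pem_text):
    """Return (chain_pem, key_pem) from a combined bundle, chosen by label."""
    certs, keys = [], []
    for m in PEM_BLOCK.finditer(pem_text):
        label = m.group(1)
        if label in CERT_LABELS:
            certs.append(m.group(0))      # keep certificates in file order
        elif label in KEY_LABELS:
            keys.append(m.group(0))
    if not certs:
        raise ValueError("no certificate block found")
    if len(keys) != 1:
        raise ValueError("expected exactly one private key, found %d" % len(keys))
    return "\n".join(certs) + "\n", keys[0] + "\n"

def write_split(pem_text, out_dir):
    """Write chain.pem and key.pem (hypothetical names); return both paths."""
    chain, key = split_bundle(pem_text)
    chain_path = os.path.join(out_dir, "chain.pem")
    key_path = os.path.join(out_dir, "key.pem")
    with open(chain_path, "w") as f:
        f.write(chain)
    # Create the key file owner-only from the start; refuse to overwrite.
    fd = os.open(key_path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as f:
        f.write(key)
    return chain_path, key_path

# Constructed sample in the post's order (cert, key, CA cert); bodies are dummies.
SAMPLE = (
    "-----BEGIN CERTIFICATE-----\nc2VydmVy\n-----END CERTIFICATE-----\n"
    "-----BEGIN PRIVATE KEY-----\na2V5\n-----END PRIVATE KEY-----\n"
    "-----BEGIN CERTIFICATE-----\nY2E=\n-----END CERTIFICATE-----\n"
)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:
        print(write_split(SAMPLE, d))
```

With the files split this way, the chain file goes to SSL_CTX_use_certificate_chain_file() and the key file to SSL_CTX_use_PrivateKey_file(), and only the key file needs restricted permissions.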
