SP-1078 Fix chain certificate load issue

scanoss · Jul 10, 2024 · 01ca4fd · 01ca4fd
1 parent c85b2dd
commit 01ca4fd
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 1 deletion.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -9,6 +9,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Added
 - Upcoming changes...
 
+## [1.4.2] - 2024-07-10
+### Fixed
+- Fixed issue loading TLS chained certificates.
+
 ## [1.4.1] - 2024-03-22
 ### Added
 - Added Telemetry option to fine tune which host level metrics are produced by default

diff --git a/pkg/protocol/rest/server.go b/pkg/protocol/rest/server.go
@@ -152,7 +152,13 @@ func RunServer(config *myconfig.ServerConfig, version string) error {
 func loadTLSConfig(config *myconfig.ServerConfig, srv *http.Server) {
 	pemBlocks := loadCertFile(config)
 	pkey := loadPrivateKey(config)
-	c, err := tls.X509KeyPair(pem.EncodeToMemory(pemBlocks[0]), pkey)
+
+	var combinedPem []byte
+	for _, pemBlock := range pemBlocks {
+		combinedPem = append(combinedPem, pem.EncodeToMemory(pemBlock)...)
+	}
+
+	c, err := tls.X509KeyPair(combinedPem, pkey)
 	if err != nil {
 		zlog.S.Panicf("Failed to load TLS key pair (%v - %v): %v", config.TLS.KeyFile, config.TLS.CertFile, err)
 	}