From 42eea85c684d57fd6947ac89719d3c7cb26cd34e Mon Sep 17 00:00:00 2001
From: tb <>
Date: Thu, 7 Jul 2022 11:40:17 +0000
Subject: Switch ssltest to using the newly generated certs that use SHA-256
 instead of SHA-1. This helps the switch to security-level aware ssltest.

From jsing
---
 src/regress/lib/libssl/ssl/ssltest.c | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

(limited to 'src/regress/lib/libssl/ssl/ssltest.c')

diff --git a/src/regress/lib/libssl/ssl/ssltest.c b/src/regress/lib/libssl/ssl/ssltest.c
index 32253844b2..0deac3e736 100644
--- a/src/regress/lib/libssl/ssl/ssltest.c
+++ b/src/regress/lib/libssl/ssl/ssltest.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ssltest.c,v 1.33 2021/11/21 21:40:45 tb Exp $ */
+/*	$OpenBSD: ssltest.c,v 1.34 2022/07/07 11:40:17 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -659,8 +659,7 @@ bad:
 		EC_KEY_free(ecdh);
 	}
 
-	if (!SSL_CTX_use_certificate_file(s_ctx, server_cert,
-	    SSL_FILETYPE_PEM)) {
+	if (!SSL_CTX_use_certificate_chain_file(s_ctx, server_cert)) {
 		ERR_print_errors(bio_err);
 	} else if (!SSL_CTX_use_PrivateKey_file(s_ctx,
 	    (server_key ? server_key : server_cert), SSL_FILETYPE_PEM)) {
@@ -669,8 +668,7 @@ bad:
 	}
 
 	if (client_auth) {
-		SSL_CTX_use_certificate_file(c_ctx, client_cert,
-		    SSL_FILETYPE_PEM);
+		SSL_CTX_use_certificate_chain_file(c_ctx, client_cert);
 		SSL_CTX_use_PrivateKey_file(c_ctx,
 		    (client_key ? client_key : client_cert),
 		    SSL_FILETYPE_PEM);
-- 
cgit v1.2.3-55-g6feb