diff options
Diffstat (limited to 'crypto')
| -rw-r--r-- | crypto/src/main/java/org/conscrypt/OpenSSLSocketImpl.java | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/crypto/src/main/java/org/conscrypt/OpenSSLSocketImpl.java b/crypto/src/main/java/org/conscrypt/OpenSSLSocketImpl.java index 9b066b5..f8a4a98 100644 --- a/crypto/src/main/java/org/conscrypt/OpenSSLSocketImpl.java +++ b/crypto/src/main/java/org/conscrypt/OpenSSLSocketImpl.java @@ -506,6 +506,11 @@ public class OpenSSLSocketImpl return; } + // Note that OpenSSL says to use SSL_use_certificate before SSL_use_PrivateKey. + + byte[][] certificateBytes = NativeCrypto.encodeCertificates(certificates); + NativeCrypto.SSL_use_certificate(sslNativePointer, certificateBytes); + try { final OpenSSLKey key = OpenSSLKey.fromPrivateKey(privateKey); NativeCrypto.SSL_use_PrivateKey(sslNativePointer, key.getPkeyContext()); @@ -513,9 +518,6 @@ public class OpenSSLSocketImpl throw new SSLException(e); } - byte[][] certificateBytes = NativeCrypto.encodeCertificates(certificates); - NativeCrypto.SSL_use_certificate(sslNativePointer, certificateBytes); - // checks the last installed private key and certificate, // so need to do this once per loop iteration NativeCrypto.SSL_check_private_key(sslNativePointer); |