tcptls.c: Made TLS handle a certificate chain file.

Thanks to Guillaume Martres for doing the necessary research to validate
the change.

(closes issue ASTERISK-17727)
Reported by: LN
Patches:
      use_certificate_chain.patch (license #5864) patch uploaded by st
      documente_certificate_chain.patch (license #6576) patch uploaded by Guillaume Martres
........

Merged revisions 407272 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 407273 from http://svn.asterisk.org/svn/asterisk/branches/11
........

Merged revisions 407274 from http://svn.asterisk.org/svn/asterisk/branches/12


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@407275 65c4cc65-6c06-0410-ace0-fbb531ad65f3

1 files changed, 4 insertions, 2 deletions

diff --git a/configs/sip.conf.sample b/configs/sip.conf.sample
index 6c7bad92a..46af79043 100644
--- a/configs/sip.conf.sample
+++ b/configs/sip.conf.sample
@@ -539,8 +539,10 @@ srvlookup=yes                   ; Enable DNS SRV lookups on outbound calls
 
 ;
 ;------------------------ TLS settings ------------------------------------------------------------
-;tlscertfile=</path/to/certificate.pem> ; Certificate file (*.pem format only) to use for TLS connections
-                                        ; default is to look for "asterisk.pem" in current directory
+;tlscertfile=</path/to/certificate.pem> ; Certificate chain (*.pem format only) to use for TLS connections
+                                        ; The certificates must be sorted starting with the subject's certificate
+                                        ; and followed by intermediate CA certificates if applicable.
+                                        ; Default is to look for "asterisk.pem" in current directory
 
 ;tlsprivatekey=</path/to/private.pem> ; Private key file (*.pem format only) for TLS connections.
                                       ; If no tlsprivatekey is specified, tlscertfile is searched for