From 5540079928fd36e656becdbaff7e44138a647ede Mon Sep 17 00:00:00 2001
From: Joel Klinghed <the_jk@yahoo.com>
Date: Mon, 24 Jul 2017 23:02:07 +0200
Subject: Fix mbedtls certificate generation

And improve configure detction for mbedtls by listing other libraries
---
 src/ssl_mbedtls.cc | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'src')

diff --git a/src/ssl_mbedtls.cc b/src/ssl_mbedtls.cc
index 1b3e350..75a624b 100644
--- a/src/ssl_mbedtls.cc
+++ b/src/ssl_mbedtls.cc
@@ -556,6 +556,11 @@ bool SSLCert::generate(Logger* logger, SSLEntropy* entropy,
   if (issuer_key) {
     mbedtls_x509write_crt_set_issuer_key(
         &crt, static_cast<SSLKeyImpl*>(issuer_key)->key());
+  } else if (key) {
+    // Without an issuer_key mbedtls_x509write_crt_pem always fails because
+    // it uses the type of the issuer_key to figure out signature algo
+    mbedtls_x509write_crt_set_issuer_key(
+        &crt, static_cast<SSLKeyImpl*>(key)->key());
   }
 
   subject = "CN=" + host;
-- 
cgit v1.2.3-70-g09d2