Hi, I use the idFTPServer as FTPs server. Everything works with self-signed certificates.
IdServerIOHandlerSSLOpenSSL->SSLOptions->KeyFile / IdServerIOHandlerSSLOpenSSL->SSLOptions->CertFile / IdServerIOHandlerSSLOpenSSL->SSLOptions->RootCertFile are set.
Where can I specify a certificate version chain?
SSLOptions->RootCertFile
refers to a single file in PEM format containing 1 or more trusted CA certificates. There is also an SSLOptions->VerifyDirs
property that refers to a folder containing trusted CA certificates in individual PEM files. See OpenSSL's documentation for the SSL_CTX_load_verify_locations()
function for more details: https://www.openssl.org/docs/man1.0.2/ssl/SSL_CTX_load_verify_locations.html