From f5a57b01333db6f5d91d2990dc29c59106fa4e81 Mon Sep 17 00:00:00 2001
From: ale <ale@incal.net>
Date: Sat, 7 Dec 2019 17:07:32 +0000
Subject: [PATCH] Store the trusted chain in 'chain.pem'

This is useful for, e.g. OCSP stapling.
---
 storage.go | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/storage.go b/storage.go
index cffdf405..69a70525 100644
--- a/storage.go
+++ b/storage.go
@@ -79,6 +79,14 @@ func dumpCertsAndKey(cn string, der [][]byte, key crypto.Signer) (map[string][]b
 	}
 	m[filepath.Join(cn, "cert.pem")] = data
 
+	if len(der) > 1 {
+		data, err = encodeCerts(der[1:])
+		if err != nil {
+			return nil, err
+		}
+		m[filepath.Join(cn, "chain.pem")] = data
+	}
+
 	data, err = encodePrivateKey(key)
 	if err != nil {
 		return nil, err
-- 
GitLab