From ec7b3fc787bee9ea11547d1e8e5d8e160fdfc18e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20=C3=85kre=20Solberg?= <andreas.solberg@uninett.no>
Date: Wed, 22 Apr 2015 20:29:19 +0200
Subject: [PATCH] Adding support for providing intermediate CA certificates
 when running etherpad-lite with ssl through Node/expressjs

---
 settings.json.template    | 1 +
 src/node/hooks/express.js | 7 +++++++
 2 files changed, 8 insertions(+)

diff --git a/settings.json.template b/settings.json.template
index 39c383ed..7d9c62cc 100644
--- a/settings.json.template
+++ b/settings.json.template
@@ -25,6 +25,7 @@
   "ssl" : {
             "key"  : "/path-to-your/epl-server.key",
             "cert" : "/path-to-your/epl-server.crt"
+            "ca": ["/path-to-your/epl-intermediate-cert1.crt", "/path-to-your/epl-intermediate-cert2.crt"]
           },
 
   */
diff --git a/src/node/hooks/express.js b/src/node/hooks/express.js
index 3abe41f8..1752f5d0 100644
--- a/src/node/hooks/express.js
+++ b/src/node/hooks/express.js
@@ -46,6 +46,13 @@ exports.restartServer = function () {
       key: fs.readFileSync( settings.ssl.key ),
       cert: fs.readFileSync( settings.ssl.cert )
     };
+    if (settings.ssl.ca) {
+      options.ca = [];
+      for(var i = 0; i < settings.ssl.ca.length; i++) {
+        var caFileName = settings.ssl.ca[i];
+        options.ca.push(fs.readFileSync(caFileName));
+      }
+    }
     
     var https = require('https');
     server = https.createServer(options, app);