From d2814b5c3374f8b99a81dbb9fa3614c875cfc5e6 Mon Sep 17 00:00:00 2001
From: Alex Auvolat
Date: Sun, 12 Apr 2020 19:00:30 +0200
Subject: TLS works \o/

So, the issues were:
- webpki does not support IP addresses as DNS names in URLs, so I hacked the HttpsConnector to always provide a fixed string as the DNS name for server certificate validation
- the certificate requied a SAN section which was complicated to build but eventually the solution is there in genkeys.sh
---
 src/rpc_server.rs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'src/rpc_server.rs')
diff --git a/src/rpc_server.rs b/src/rpc_server.rs
index f42d54ac..17da6f86 100644
--- a/src/rpc_server.rs
+++ b/src/rpc_server.rs
@@ -120,7 +120,7 @@ pub async fn run_rpc_server(
 let mut config = rustls::ServerConfig::new(rustls::AllowAnyAuthenticatedClient::new(ca_store));
- config.set_single_cert([&ca_certs[..], &node_certs[..]].concat(), node_key)?;
+ config.set_single_cert([&node_certs[..], &ca_certs[..]].concat(), node_key)?;
 let tls_acceptor = Arc::new(TlsAcceptor::from(Arc::new(config)));
 let mut listener = TcpListener::bind(&bind_addr).await?;
-- cgit v1.2.3
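Review bot: The order of the slices passed to `set_single_cert` on the added line is load-bearing, but nothing on the line says so: TLS expects the end-entity (node) certificate first with its issuing certificates after it, which the previous `ca_certs`-first order violated. A short comment would keep it from being swapped back, e.g. `// Chain order matters: node (leaf) certificate first, then the CA certificates that issued it.` Because the description says server certificate validation now uses a fixed name, peer identity on both sides appears to rest only on chaining to `ca_store` through `AllowAnyAuthenticatedClient`, so it is worth documenting next to this config that the store must hold only the cluster's own private CA. The body of `run_rpc_server` starts and ends outside the hunk.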