From fa51a2c281d60464f1642c1f6e05ee921f069e08 Mon Sep 17 00:00:00 2001
From: Metsjeesus <kalakohad@gmail.com>
Date: Mon, 10 Apr 2017 18:49:58 +0000
Subject: [PATCH] Add CA bundle option in SSL

---
 defaults/config.js | 11 ++++++++++-
 src/server.js      |  9 ++++++++-
 2 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/defaults/config.js b/defaults/config.js
index 98f4876c..30a66bd9 100644
--- a/defaults/config.js
+++ b/defaults/config.js
@@ -287,7 +287,16 @@ module.exports = {
 		// @example  "sslcert/key-cert.pem"
 		// @default  ""
 		//
-		certificate: ""
+		certificate: "",
+
+		//
+		// Path to the CA bundle.
+		//
+		// @type     string
+		// @example  "sslcert/bundle.pem"
+		// @default  ""
+		//
+		ca: ""
 	},
 
 	//
diff --git a/src/server.js b/src/server.js
index 42c3461a..0ff97b76 100644
--- a/src/server.js
+++ b/src/server.js
@@ -44,6 +44,7 @@ module.exports = function() {
 	} else {
 		const keyPath = Helper.expandHome(config.https.key);
 		const certPath = Helper.expandHome(config.https.certificate);
+		const caPath = Helper.expandHome(config.https.ca);
 
 		if (!keyPath.length || !fs.existsSync(keyPath)) {
 			log.error("Path to SSL key is invalid. Stopping server...");
@@ -55,10 +56,16 @@ module.exports = function() {
 			process.exit();
 		}
 
+		if (caPath.length && !fs.existsSync(caPath)) {
+			log.error("Path to SSL ca bundle is invalid. Stopping server...");
+			process.exit();
+		}
+
 		server = require("spdy");
 		server = server.createServer({
 			key: fs.readFileSync(keyPath),
-			cert: fs.readFileSync(certPath)
+			cert: fs.readFileSync(certPath),
+			ca: caPath ? fs.readFileSync(caPath) : undefined
 		}, app);
 	}