From 17920cadf5d2106eef2efb0f891ec1cc6b351a99 Mon Sep 17 00:00:00 2001
From: Hustweimin <hustweimin@user.github.invalid>
Date: Tue, 9 Jul 2019 07:48:35 +0100
Subject: [PATCH] tls: openssl: use lws pem_to_der first for mem cert

https://github.com/warmcat/libwebsockets/issues/1620
---
 lib/tls/openssl/openssl-server.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/lib/tls/openssl/openssl-server.c b/lib/tls/openssl/openssl-server.c
index 9a3a570a8..cf296cf6c 100644
--- a/lib/tls/openssl/openssl-server.c
+++ b/lib/tls/openssl/openssl-server.c
@@ -302,9 +302,14 @@ lws_tls_server_certs_load(struct lws_vhost *vhost, struct lws *wsi,
 		 * memory-buffer private key image is PEM.
 		 */
 #ifndef USE_WOLFSSL
+		if (lws_tls_alloc_pem_to_der_file(vhost->context, cert, mem_cert,
+						  mem_cert_len, &p, &flen)) {
+			lwsl_err("%s: couldn't convert pem to der\n", __func__);
+			return 1;
+		}
 		if (SSL_CTX_use_certificate_ASN1(vhost->tls.ssl_ctx,
-						 (int)mem_cert_len,
-						 (uint8_t *)mem_cert) != 1) {
+						 (int)flen,
+						 (uint8_t *)p) != 1) {
 #else
 		if (wolfSSL_CTX_use_certificate_buffer(vhost->tls.ssl_ctx,
 						 (uint8_t *)mem_cert,