From 7193b5a2a2331bd307203d941f36608840f82329 Mon Sep 17 00:00:00 2001
From: solidDoWant <fred.heinecke@yahoo.com>
Date: Sun, 27 Apr 2025 09:35:47 +0000
Subject: [PATCH] Add support for loading multiple root CAs from the specified
 CA file

Signed-off-by: solidDoWant <fred.heinecke@yahoo.com>
---
 back/src/Kyoo.RabbitMq/RabbitMqModule.cs | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/back/src/Kyoo.RabbitMq/RabbitMqModule.cs b/back/src/Kyoo.RabbitMq/RabbitMqModule.cs
index 8a489bbb..6b87920f 100644
--- a/back/src/Kyoo.RabbitMq/RabbitMqModule.cs
+++ b/back/src/Kyoo.RabbitMq/RabbitMqModule.cs
@@ -96,7 +96,8 @@ public static class RabbitMqModule
 		if (!string.IsNullOrEmpty(caCertFile))
 		{
 			// Load the cert once at startup instead of on every connection.
-			X509Certificate2 rootCA = new(caCertFile);
+			X509Certificate2Collection rootCACollection = [];
+			rootCACollection.ImportFromPemFile(caCertFile);
 
 			// This is a custom validator that obeys the set SslPolicyErrors, while also using the CA cert specified in the query string.
 			factory.Ssl.CertificateValidationCallback = (
@@ -144,7 +145,7 @@ public static class RabbitMqModule
 				);
 				chain.ChainPolicy.CustomTrustStore.Clear();
 				chain.ChainPolicy.TrustMode = X509ChainTrustMode.CustomRootTrust;
-				chain.ChainPolicy.CustomTrustStore.Add(rootCA);
+				chain.ChainPolicy.CustomTrustStore.AddRange(rootCACollection);
 
 				return chain.Build(new X509Certificate2(certificate));
 			};