From b2d428f1a2e4108ec7922f366ef7a80e0c4b4957 Mon Sep 17 00:00:00 2001
From: Lionello Lunesu
Date: Tue, 1 Nov 2016 15:13:51 +0800
Subject: [PATCH] Add server's cert to ocsp response
---
 lib/ocsp/server.js | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/lib/ocsp/server.js b/lib/ocsp/server.js
index 81900cc..1b5bbc3 100644
--- a/lib/ocsp/server.js
+++ b/lib/ocsp/server.js
@@ -18,10 +18,10 @@ function Server(options) {
 }, options);
 this.key = this.options.key;
- this.cert = rfc5280.Certificate.decode(
+ this.certroot = rfc5280.Certificate.decode(
 ocsp.utils.toDER(options.cert, 'CERTIFICATE'), 'der');
- this.cert = this.cert.tbsCertificate;
+ this.cert = this.certroot.tbsCertificate;
 var issuerName = rfc5280.Name.encode(this.cert.subject, 'der');
 var issuerKey = this.cert.subjectPublicKeyInfo.subjectPublicKey.data;
@@ -129,9 +129,12 @@ Server.prototype.getResponses = function getResponses(req, cb) {
 signatureAlgorithm: { algorithm: ocsp.utils.signRev.sha512WithRSAEncryption },
- signature: null
- // TODO(indutny): send certs?
+ signature: null,
+
+ certs: [
+ self.certroot
+ ]
 };
 var sign = crypto.createSign('sha512WithRSAEncryption');
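Review bot: In the `Server` constructor hunk, the name `certroot` suggests a root CA, but the field simply holds the full decoded `Certificate` for whatever `options.cert` was supplied, which could equally be an intermediate CA. A name such as `responderCert`, or a comment like `// full decoded Certificate; this.cert below is only its tbsCertificate`, would keep the two fields from being confused. The constructor body starts and continues outside the hunk.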
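Review bot: In the `getResponses` hunk, `certs: [ self.certroot ]` embeds the decoded certificate object, so the bytes sent depend on the ASN.1 encoder reproducing the original DER exactly; if the re-encoding differs in any byte of the tbsCertificate, the embedded certificate's own signature will no longer verify at the client. Consider keeping the raw DER from `ocsp.utils.toDER(options.cert, 'CERTIFICATE')` in the constructor and sending that, if the response model accepts a pre-encoded value, which is not visible from this hunk. A comment such as `// included so clients can locate the signer; relying parties must still validate it against the issuer` would also document that the field is a convenience and not a trust anchor. `self` and the rest of the function body are defined outside the hunk.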