You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Current implementation does not allow to load an intermediate certificate.
This requirement is particular important in order to guarantee that the certificate chain offered by the SSL server is complete and trusted by the client.
As far that i know given the current implementation of twisted certificate validators this could not be implemented just using the function PrivateCertificate.fromCertificateAndKeyPair that is currently used but would require to have a directly a call to pyopenssl API add_extra_chain_cert(intermediate) to attach the intermediate certificates to the context.
The text was updated successfully, but these errors were encountered:
This report is inaccurate. Put your intermediates into the same pem file as your certificate and key, and txsni will figure out which one is the certificate that matches the private key, and uses the rest as intermediates.
You can see where it passes the intermediates to CertificateOptions here:
Current implementation does not allow to load an intermediate certificate.
This requirement is particular important in order to guarantee that the certificate chain offered by the SSL server is complete and trusted by the client.
As far that i know given the current implementation of twisted certificate validators this could not be implemented just using the function PrivateCertificate.fromCertificateAndKeyPair that is currently used but would require to have a directly a call to pyopenssl API add_extra_chain_cert(intermediate) to attach the intermediate certificates to the context.
The text was updated successfully, but these errors were encountered: