Support for intermediate certificates loading #19
Comments
|
probably an up to date solution to add this would be to use |
|
This report is inaccurate. Put your intermediates into the same pem file as your certificate and key, and txsni will figure out which one is the certificate that matches the private key, and uses the rest as intermediates. You can see where it passes the intermediates to Thanks for using TxSNI, though! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Current implementation does not allow to load an intermediate certificate.
This requirement is particular important in order to guarantee that the certificate chain offered by the SSL server is complete and trusted by the client.
As far that i know given the current implementation of twisted certificate validators this could not be implemented just using the function PrivateCertificate.fromCertificateAndKeyPair that is currently used but would require to have a directly a call to pyopenssl API add_extra_chain_cert(intermediate) to attach the intermediate certificates to the context.
The text was updated successfully, but these errors were encountered: