From 7fd453e43c1cb256250a75f105f669f4648bc947 Mon Sep 17 00:00:00 2001 From: Michael Lazar Date: Tue, 4 May 2021 19:54:07 -0400 Subject: [PATCH] Send the full CA certificate chain if its included in the TLS certificate. (#59) --- CHANGELOG.md | 5 ++++- jetforce/tls.py | 2 +- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1222214..b2f6bc4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,7 +2,10 @@ ### v0.9.0 (unreleased) -N/A +#### Fixes + +- Fix not sending the complete certificate chain for TLS certificates + that include it. ### v0.8.2 (2021-03-21) diff --git a/jetforce/tls.py b/jetforce/tls.py index 641fa66..5cf8312 100644 --- a/jetforce/tls.py +++ b/jetforce/tls.py @@ -179,7 +179,7 @@ class GeminiCertificateOptions(CertificateOptions): ctx.set_options(self._options) ctx.set_mode(self._mode) - ctx.use_certificate_file(self.certfile) + ctx.use_certificate_chain_file(self.certfile) ctx.use_privatekey_file(self.keyfile or self.certfile) for extraCert in self.extraCertChain: ctx.add_extra_chain_cert(extraCert)