Send the full CA certificate chain if its included in the TLS certificate. (#59)

This commit is contained in:
Michael Lazar 2021-05-04 19:54:07 -04:00 committed by GitHub
parent 3d255a7e0b
commit 7fd453e43c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 5 additions and 2 deletions

View File

@ -2,7 +2,10 @@
### v0.9.0 (unreleased) ### v0.9.0 (unreleased)
N/A #### Fixes
- Fix not sending the complete certificate chain for TLS certificates
that include it.
### v0.8.2 (2021-03-21) ### v0.8.2 (2021-03-21)

View File

@ -179,7 +179,7 @@ class GeminiCertificateOptions(CertificateOptions):
ctx.set_options(self._options) ctx.set_options(self._options)
ctx.set_mode(self._mode) ctx.set_mode(self._mode)
ctx.use_certificate_file(self.certfile) ctx.use_certificate_chain_file(self.certfile)
ctx.use_privatekey_file(self.keyfile or self.certfile) ctx.use_privatekey_file(self.keyfile or self.certfile)
for extraCert in self.extraCertChain: for extraCert in self.extraCertChain:
ctx.add_extra_chain_cert(extraCert) ctx.add_extra_chain_cert(extraCert)