diff options
author | Jason R. Coombs <jaraco@jaraco.com> | 2016-04-30 10:38:57 -0400 |
---|---|---|
committer | Jason R. Coombs <jaraco@jaraco.com> | 2016-04-30 10:38:57 -0400 |
commit | b0da3ad4f852d58402532c9fc016f480243cb8c8 (patch) | |
tree | d8a884812073627fe4d3a2541da601d6ddcbcce9 | |
parent | a787c3ef611cb905dc7684eae9530c714fe0b8d7 (diff) | |
parent | d61e4dca0c140e74736bab8a1886769919ccde6d (diff) | |
download | cherrypy-b0da3ad4f852d58402532c9fc016f480243cb8c8.tar.gz |
Merge https://bitbucket.org/cherrypy/cherrypy/pull-requests/97. Fixes #1202.
-rw-r--r-- | CHANGES.txt | 6 | ||||
-rw-r--r-- | cherrypy/wsgiserver/ssl_builtin.py | 6 |
2 files changed, 11 insertions, 1 deletions
diff --git a/CHANGES.txt b/CHANGES.txt index 291f8c9a..a3c62069 100644 --- a/CHANGES.txt +++ b/CHANGES.txt @@ -1,3 +1,9 @@ +5.2.1 +----- + +* #1202: Add support for specifying a certificate authority when + serving SSL using the built-in SSL support. + 5.2.0 ----- diff --git a/cherrypy/wsgiserver/ssl_builtin.py b/cherrypy/wsgiserver/ssl_builtin.py index 2c74ad84..4827b424 100644 --- a/cherrypy/wsgiserver/ssl_builtin.py +++ b/cherrypy/wsgiserver/ssl_builtin.py @@ -33,6 +33,9 @@ class BuiltinSSLAdapter(wsgiserver.SSLAdapter): private_key = None """The filename of the server's private key file.""" + + certificate_chain = None + """The filename of the certificate chain file.""" def __init__(self, certificate, private_key, certificate_chain=None): if ssl is None: @@ -51,7 +54,8 @@ class BuiltinSSLAdapter(wsgiserver.SSLAdapter): s = ssl.wrap_socket(sock, do_handshake_on_connect=True, server_side=True, certfile=self.certificate, keyfile=self.private_key, - ssl_version=ssl.PROTOCOL_SSLv23) + ssl_version=ssl.PROTOCOL_SSLv23, + ca_certs=self.certificate_chain) except ssl.SSLError: e = sys.exc_info()[1] if e.errno == ssl.SSL_ERROR_EOF: |