diff options
author | decontaminatoR <decontaminatoR> | 2015-04-11 09:28:56 +0000 |
---|---|---|
committer | decontaminatoR <decontaminatoR> | 2015-04-11 09:28:56 +0000 |
commit | d61e4dca0c140e74736bab8a1886769919ccde6d (patch) | |
tree | decdbd656066a55cafec98293c54a75a4f8ab172 | |
parent | 74e520bf74012c41bb85a22182a95d3262f03aab (diff) | |
download | cherrypy-d61e4dca0c140e74736bab8a1886769919ccde6d.tar.gz |
Resolving Issue #1202 by providing a certificate chain to ssl.wrap_socket
-rw-r--r-- | cherrypy/wsgiserver/ssl_builtin.py | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/cherrypy/wsgiserver/ssl_builtin.py b/cherrypy/wsgiserver/ssl_builtin.py index 2c74ad84..4827b424 100644 --- a/cherrypy/wsgiserver/ssl_builtin.py +++ b/cherrypy/wsgiserver/ssl_builtin.py @@ -33,6 +33,9 @@ class BuiltinSSLAdapter(wsgiserver.SSLAdapter): private_key = None """The filename of the server's private key file.""" + + certificate_chain = None + """The filename of the certificate chain file.""" def __init__(self, certificate, private_key, certificate_chain=None): if ssl is None: @@ -51,7 +54,8 @@ class BuiltinSSLAdapter(wsgiserver.SSLAdapter): s = ssl.wrap_socket(sock, do_handshake_on_connect=True, server_side=True, certfile=self.certificate, keyfile=self.private_key, - ssl_version=ssl.PROTOCOL_SSLv23) + ssl_version=ssl.PROTOCOL_SSLv23, + ca_certs=self.certificate_chain) except ssl.SSLError: e = sys.exc_info()[1] if e.errno == ssl.SSL_ERROR_EOF: |