h0ng10 / yubico-yubiserve

Automatically exported from code.google.com/p/yubico-yubiserve
GNU General Public License v3.0
0 stars 0 forks source link

Intermediate CA undetected #30

Open GoogleCodeExporter opened 8 years ago

GoogleCodeExporter commented 8 years ago
What steps will reproduce the problem?
1. Create a certificate where you need an intermediate CA.
2. curl -v https://$SERVER:$PORT/healthcheck?service=all
3. Certificate not valid!!

What is the expected output? What do you see instead?
SSL connection succeeds.

What version of the product are you using? On what operating system?
Trunk, r67 on Ubuntu 12.04.2 LTS

Please provide any additional information below.
                BaseHTTPServer.HTTPServer.__init__(self, server_address, HandlerClass)
                ctx = SSL.Context(SSL.SSLv23_METHOD)
                fpem = os.path.dirname(os.path.realpath(__file__)) + '/yubiserve.pem'
-               ctx.use_privatekey_file  (fpem)
-               ctx.use_certificate_file (fpem)
+                ctx.use_privatekey_file       (fpem)
+                ctx.use_certificate_file      (fpem)
+                ctx.use_certificate_chain_file(fpem)
                self.socket = SSL.Connection(ctx, socket.socket(self.address_family, self.socket_type))
                self.server_bind()
                self.server_activate()

Original issue reported on code.google.com by Nafall...@gmail.com on 23 Apr 2013 at 9:21