Vumi Bridge transport can't access Vumi Go over HTTPS

praekeltfoundation / vumi

Messaging engine for the delivery of SMS, Star Menu and chat messages to diverse audiences in emerging markets and beyond.

BSD 3-Clause "New" or "Revised" License

421 stars 131 forks source link

Vumi Bridge transport can't access Vumi Go over HTTPS #1036

Closed hodgestar closed 8 years ago

hodgestar commented 8 years ago

Vumi Go's SSL certificate relies on a weak (SHA1) intermediate certificate. This fails to be verified by a lot of server side software (including Twisted) but is accepted by current browsers. Vumi Go's certificate will be updated in October at the latest, but until then the bridge transport needs to accept weaker certificates.

hodgestar commented 8 years ago

@JayH5 @imsickofmaps Ready for review.

hodgestar commented 8 years ago

And @jerith ^^^

hodgestar commented 8 years ago

@morgs Since this involves SSL, I thought I'd ask you whether you think it's okay to use the weaker CA certificates for now?

jerith commented 8 years ago

:+1: although we should test it against some real HTTPS servers before releasing.