[Twisted-Python] loading intermediate CA certs from a chain file
konrads at smelkovs.com
Tue Jul 20 10:58:01 EDT 2010
what i recommend is to add all chain in one file using openssl kit
(maybe just cat'ing works). However, most certs issued nowadays
contain the chain already in. You can check with openssl x509 -in
cert.pem -text and see the attached signers cerificate in base64, copy
that to a new.pem and repeat. You can walk this way up the chain to
root cert. If you can, the chaining is not your problem.
Try playing with openssl toolkit alone and see what it says about cert and key.
2010/7/20, exarkun at twistedmatrix.com <exarkun at twistedmatrix.com>:
> On 07:13 am, ssoni at nextdigital.com wrote:
>>Does Twisted support or is there any way of loading intermediate CA
>>certs from a chain file?
> Twisted uses pyOpenSSL for it's SSL support. So you can do pretty much
> anything pyOpenSSL allows. http://packages.python.org/pyOpenSSL
> /openssl-context.html documents the Context interface; in particular the
> use_certificate_chain_file might be interesting. However, I recently
> had a conversation with someone who was using this method and still
> couldn't get their chain certificate to work reliably. I think he's
> still trying to track down the issue.
> Twisted-Python mailing list
> Twisted-Python at twistedmatrix.com
Nosūtīts no manas mobilās ierīces
Applied IT sorcery.
More information about the Twisted-Python