[Twisted-Python] "mind" introduced strangely in pb howto
Tobias Oberstein
tobias.oberstein at tavendo.de
Thu Oct 24 03:10:48 MDT 2013
> > A concatenated cert like above works today without the new code that is
> upcoming in Twisted. Which is cool also.
>
> That is completely new to me. Are you sure you're not mixing up Twisted's
> behavior with nginx?
>
> If what you say is true, there would have never been the need for #2061 and
> the monkey patching everyone was doing before it landed. Can you point me
> at a server where you have deployed TLS like that please?
https://crossbardemo.tavendo.de/ws
This works for me in Chrome, FF and IE. It is Twisted Web / Autobahn. Nothing in front.
Now, using
openssl s_client -host crossbardemo.tavendo.de -port 443
spits out errors complaining about "self-signed" cert inside.
This might be because I not only included the StartSSL intermediate CA cert, but also their top-level CA cert (which is obviously self-signed).
Maybe this is wrong, and one should only include up to (but excluding) root CA cert ..
/Tobias
More information about the Twisted-Python
mailing list