[Twisted-Python] "mind" introduced strangely in pb howto

Hynek Schlawack hs at ox.cx
Thu Oct 24 04:30:02 MDT 2013


Am 24.10.2013 um 11:10 schrieb Tobias Oberstein <tobias.oberstein at tavendo.de>:

>>> A concatenated cert like above works today without the new code that is
>> upcoming in Twisted. Which is cool also.
>> 
>> That is completely new to me. Are you sure you're not mixing up Twisted's
>> behavior with nginx?
>> 
>> If what you say is true, there would have never been the need for #2061 and
>> the monkey patching everyone was doing before it landed. Can you point me
>> at a server where you have deployed TLS like that please?
> 
> https://crossbardemo.tavendo.de/ws
> 
> This works for me in Chrome, FF and IE. It is Twisted Web / Autobahn. Nothing in front.

Your server definitely sends three certificates – that’s surprising/confusing.

Could you double-check how you’ve achieved that? If you google for chain certs & Twisted you’ll find all kinds of monkey patches to achieve that; and when I run twistd -n web with a pem that has multiple certificates I still get sent only one from the server. I feel like I’m missing something.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 235 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: </pipermail/twisted-python/attachments/20131024/18a71e79/attachment.sig>


More information about the Twisted-Python mailing list