diff options
| author | Maximilian Hils <git@maximilianhils.com> | 2018-07-31 13:34:02 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2018-07-31 13:34:02 +0200 |
| commit | ace0275b35e59ac41ac890ddd76e1b62e8a19717 (patch) | |
| tree | 93192198337c07cd2663274ff347500f1674c7e6 | |
| parent | 5f3cbbb3cd1a8930ec6f9df26cb0d4204391edd7 (diff) | |
| parent | 01e052be6a9f999dff961f7a2d1cffa4e166239a (diff) | |
| download | mitmproxy-ace0275b35e59ac41ac890ddd76e1b62e8a19717.tar.gz mitmproxy-ace0275b35e59ac41ac890ddd76e1b62e8a19717.tar.bz2 mitmproxy-ace0275b35e59ac41ac890ddd76e1b62e8a19717.zip | |
Merge pull request #3274 from muffl0n/shorten_notAfter_to_90_days
Add DEFAULT_EXP_DUMMY_CERT and set to two years
| -rw-r--r-- | mitmproxy/certs.py | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/mitmproxy/certs.py b/mitmproxy/certs.py index 9a864cbc..58aea6d5 100644 --- a/mitmproxy/certs.py +++ b/mitmproxy/certs.py @@ -15,6 +15,7 @@ from mitmproxy.coretypes import serializable # Default expiry must not be too long: https://github.com/mitmproxy/mitmproxy/issues/815 DEFAULT_EXP = 94608000 # = 24 * 60 * 60 * 365 * 3 +DEFAULT_EXP_DUMMY_CERT = 63072000 # = 2 years # Generated with "openssl dhparam". It's too slow to generate this on startup. DEFAULT_DHPARAM = b""" @@ -101,7 +102,7 @@ def dummy_cert(privkey, cacert, commonname, sans): cert = OpenSSL.crypto.X509() cert.gmtime_adj_notBefore(-3600 * 48) - cert.gmtime_adj_notAfter(DEFAULT_EXP) + cert.gmtime_adj_notAfter(DEFAULT_EXP_DUMMY_CERT) cert.set_issuer(cacert.get_subject()) if commonname is not None and len(commonname) < 64: cert.get_subject().CN = commonname |