Fix problems with SANs and certificate generation.

author: Aldo Cortesi <aldo@nullcube.com> 2012-02-27 15:36:19 +1300
committer: Aldo Cortesi <aldo@nullcube.com> 2012-02-27 15:36:19 +1300
commit: 2c73e8f816c1965bc5092f4e7e7c57478293ade6 (patch)
tree: 6e1bb466988ec7d947a69520116bfe6a20bb7323 /libmproxy
parent: 2ba8296843fc83256e3e13a23529a915d73a2e2d (diff)
download: mitmproxy-2c73e8f816c1965bc5092f4e7e7c57478293ade6.tar.gz
mitmproxy-2c73e8f816c1965bc5092f4e7e7c57478293ade6.tar.bz2
mitmproxy-2c73e8f816c1965bc5092f4e7e7c57478293ade6.zip
2 files changed, 10 insertions, 1 deletions
diff --git a/libmproxy/resources/cert.cnf b/libmproxy/resources/cert.cnf
index 4f2525a9..4d95f646 100644
--- a/libmproxy/resources/cert.cnf
+++ b/libmproxy/resources/cert.cnf
@@ -27,6 +27,7 @@ nsCertType = server
 basicConstraints = CA:false
 keyUsage = nonRepudiation, digitalSignature, keyEncipherment
 nsCertType = server
+%(altnames)s
 
 [ alt_names ]
 %(sans)s
diff --git a/libmproxy/utils.py b/libmproxy/utils.py
index 57a9e983..474f7844 100644
--- a/libmproxy/utils.py
+++ b/libmproxy/utils.py
@@ -300,7 +300,15 @@ def dummy_cert(certdir, ca, commonname, sans):
     ss = "\n".join(ss)
 
     f = open(confpath, "w")
-    f.write(template%(dict(commonname=commonname, sans=ss)))
+    f.write(
+        template%(
+            dict(
+                commonname=commonname,
+                sans=ss,
+                altnames="subjectAltName = @alt_names" if ss else ""
+            )
+        )
+    )
     f.close()
 
     if ca:
author	Aldo Cortesi <aldo@nullcube.com>	2012-02-27 15:36:19 +1300
committer	Aldo Cortesi <aldo@nullcube.com>	2012-02-27 15:36:19 +1300
commit	2c73e8f816c1965bc5092f4e7e7c57478293ade6 (patch)
tree	6e1bb466988ec7d947a69520116bfe6a20bb7323 /libmproxy
parent	2ba8296843fc83256e3e13a23529a915d73a2e2d (diff)
download	mitmproxy-2c73e8f816c1965bc5092f4e7e7c57478293ade6.tar.gz mitmproxy-2c73e8f816c1965bc5092f4e7e7c57478293ade6.tar.bz2 mitmproxy-2c73e8f816c1965bc5092f4e7e7c57478293ade6.zip