Generate certificates with a commencement date an hour in the past.

This helps smooth over small discrepancies in client and server times, where it's possible for a certificate to seem to be "in the future" to the client.
author: Aldo Cortesi <aldo@nullcube.com> 2013-01-06 01:16:58 +1300
committer: Aldo Cortesi <aldo@nullcube.com> 2013-01-06 01:16:58 +1300
commit: 91834ea78f36e1e89d4f19ecdddef83b0286b4d4 (patch)
tree: 0d7212548eaca022aa265578b6d53b5cbba1ab0f /netlib/certutils.py
parent: 72032d7fe75fae1bc1318cf0390e55af6a93ff4d (diff)
download: mitmproxy-91834ea78f36e1e89d4f19ecdddef83b0286b4d4.tar.gz
mitmproxy-91834ea78f36e1e89d4f19ecdddef83b0286b4d4.tar.bz2
mitmproxy-91834ea78f36e1e89d4f19ecdddef83b0286b4d4.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/netlib/certutils.py b/netlib/certutils.py
index 51fd9da9..87d9d5d8 100644
--- a/netlib/certutils.py
+++ b/netlib/certutils.py
@@ -104,7 +104,7 @@ def dummy_cert(fp, ca, commonname, sans):
         req.add_extensions([OpenSSL.crypto.X509Extension("subjectAltName", True, ss)])
 
     cert = OpenSSL.crypto.X509()
-    cert.gmtime_adj_notBefore()
+    cert.gmtime_adj_notBefore(-3600)
     cert.gmtime_adj_notAfter(60 * 60 * 24 * 30)
     cert.set_issuer(ca.get_subject())
     cert.set_subject(req.get_subject())
author	Aldo Cortesi <aldo@nullcube.com>	2013-01-06 01:16:58 +1300
committer	Aldo Cortesi <aldo@nullcube.com>	2013-01-06 01:16:58 +1300
commit	91834ea78f36e1e89d4f19ecdddef83b0286b4d4 (patch)
tree	0d7212548eaca022aa265578b6d53b5cbba1ab0f /netlib/certutils.py
parent	72032d7fe75fae1bc1318cf0390e55af6a93ff4d (diff)
download	mitmproxy-91834ea78f36e1e89d4f19ecdddef83b0286b4d4.tar.gz mitmproxy-91834ea78f36e1e89d4f19ecdddef83b0286b4d4.tar.bz2 mitmproxy-91834ea78f36e1e89d4f19ecdddef83b0286b4d4.zip