diff options
| -rw-r--r-- | netlib/tcp.py | 8 | ||||
| -rw-r--r-- | test/tservers.py | 3 |
2 files changed, 7 insertions, 4 deletions
diff --git a/netlib/tcp.py b/netlib/tcp.py index 77eb7b52..61306e4e 100644 --- a/netlib/tcp.py +++ b/netlib/tcp.py @@ -567,7 +567,8 @@ class BaseHandler(_Connection): dhparams=None, **sslctx_kwargs): """ - cert: A certutils.SSLCert object. + cert: A certutils.SSLCert object or the path to a certificate + chain file. handle_sni: SNI handler, should take a connection object. Server name can be retrieved like this: @@ -594,7 +595,10 @@ class BaseHandler(_Connection): context = self._create_ssl_context(**sslctx_kwargs) context.use_privatekey(key) - context.use_certificate(cert.x509) + if isinstance(cert, certutils.SSLCert): + context.use_certificate(cert.x509) + else: + context.use_certificate_chain_file(cert) if handle_sni: # SNI callback happens during do_handshake() diff --git a/test/tservers.py b/test/tservers.py index 899b51bd..5c1ea08b 100644 --- a/test/tservers.py +++ b/test/tservers.py @@ -72,10 +72,9 @@ class TServer(tcp.TCPServer): h = self.handler_klass(request, client_address, self) self.last_handler = h if self.ssl is not None: - raw_cert = self.ssl.get( + cert = self.ssl.get( "cert", tutils.test_data.path("data/server.crt")) - cert = certutils.SSLCert.from_pem(open(raw_cert, "rb").read()) raw_key = self.ssl.get( "key", tutils.test_data.path("data/server.key")) |