#3064: Deluge Web TLS not working with certificate chains
---------------------+--------------------
Reporter: Jay-C | Owner:
Type: bug | Status: new
Priority: major | Milestone: 1.3.16
Component: Web UI | Version: 1.3.15
Resolution: | Keywords:
---------------------+--------------------
Comment (by Cas):
Hmm ok, trying solve that issue has unintentionally broken server
chaining. I'd want to avoid pem module in 1.3-stable as it pushes the
minimum Twisted version to 14.0 but may consider it for develop.
Can you test this change:
{{{#!diff
diff --git deluge/ui/web/server.py deluge/ui/web/server.py
index 2897ae323..32df20ddf 100644
--- deluge/ui/web/server.py
+++ deluge/ui/web/server.py
@@ -661,7 +661,9 @@ def start_ssl(self):
with open(configmanager.get_config_dir(self.pkey)) as pkey:
private_key = KeyPair.load(pkey.read(),
FILETYPE_PEM).original
options = CertificateOptions(privateKey=private_key,
certificate=certificate, method=SSL.SSLv23_METHOD)
- options.getContext().set_options(SSL.OP_NO_SSLv2 |
SSL.OP_NO_SSLv3)
+ ctx = options.getContext()
+ ctx.set_options(SSL.OP_NO_SSLv2 | SSL.OP_NO_SSLv3)
+ ctx.use_certificate_chain_file(certificate)
self.socket = reactor.listenSSL(self.port, self.site, options,
interface=self.interface)
ip = self.socket.getHost().host
}}}
--
Ticket URL: <http://dev.deluge-torrent.org/ticket/3064#comment:1>
Deluge <http://deluge-torrent.org/>
Deluge Project
--
You received this message because you are subscribed to the Google Groups
"Deluge Dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at https://groups.google.com/group/deluge-dev.
For more options, visit https://groups.google.com/d/optout.
