Pull requests

#52 Declined
Repository
Deleted repository
Branch
gumnos/separate-out-validation-of-the-host-cert-1383936622686 (5d2a40a93aab)
Repository
cherrypy/CherryPy CherryPy
Branch
1001-client-cert-verify

Separate out validation of the host certificate (against the CA chain provided) from the ability to validate the hostname/IP address.

Author
  1. Tim Chase
Reviewers
Description

Separate out validation of the host certificate (against the CA chain provided) from the ability to validate the hostname/IP address.

  • Learn about pull requests

Comments (1)

  1. Tim Chase author

    Chris St. Pierre Would you be willing to incorporate this into your 1001-client-cert -verify branch? We had the need to put self-signed certificates on deployed devices where the domain-name and IP address are unknown, but we want to validate that the device has our corporate-CA-signed-certificate when we connect to it. The existing code assumed that if we were providing the CA chain, we would also want to validate the hostname/IP. This short little patch allows those to be somewhat separated out.