Commit 39270a8e authored by root's avatar root

fix problem with certificate verification on OpenVZ servers

parent 8c08f957
...@@ -708,7 +708,7 @@ def check_certificate(domain, ssl_certificate, ssl_private_key, warn_if_expiring ...@@ -708,7 +708,7 @@ def check_certificate(domain, ssl_certificate, ssl_private_key, warn_if_expiring
"openssl", "openssl",
"verify", "-verbose", "verify", "-verbose",
"-purpose", "sslserver", "-policy_check",] "-purpose", "sslserver", "-policy_check",]
+ ([] if len(ssl_cert_chain) == 1 else ["-untrusted", "/dev/stdin"]) + ([] if len(ssl_cert_chain) == 1 else ["-untrusted", "/proc/self/fd/0"])
+ [ssl_certificate], + [ssl_certificate],
input=b"\n\n".join(ssl_cert_chain[1:]), input=b"\n\n".join(ssl_cert_chain[1:]),
trap=True) trap=True)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment