http: Use SubjectAlternativeName in server certificate.

So browsers accept to talk to me.

http: Use SubjectAlternativeName in server certificate.
So browsers accept to talk to me.
b95aa3ea · Vincent Pelletier · 6e915597 · b95aa3ea
Commit b95aa3ea authored Oct 18, 2017 by Vincent Pelletier
Hide whitespace changes
Inline Side-by-side

Showing with 5 additions and 0 deletions

caucase/http.py caucase/http.py +5 -0

No files found.
--- a/caucase/http.py
+++ b/caucase/http.py
@@ -202,6 +202,11 @@ def updateSSLContext(
            # pylint: enable=bad-whitespace
          ),
          critical=True,
+        ).add_extension(
+          x509.SubjectAlternativeName([
+            x509.DNSName(hostname.decode('ascii')),
+          ]),
+          critical=True,
        ).sign(
          private_key=new_key,
          algorithm=utils.DEFAULT_DIGEST_CLASS(),