aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl/src/ssl_certificate.erl
diff options
context:
space:
mode:
authorIngela Anderton Andin <[email protected]>2014-12-09 09:46:36 +0100
committerIngela Anderton Andin <[email protected]>2015-01-30 17:30:26 +0100
commit158447e03d6de6201b4cbb7244e406ea873fa3a3 (patch)
treed29f1a57da7bb52ecc6d8781f0b783804a72a101 /lib/ssl/src/ssl_certificate.erl
parentfdc939b00444e4d0904c91cb3618eafe820eebec (diff)
downloadotp-158447e03d6de6201b4cbb7244e406ea873fa3a3.tar.gz
otp-158447e03d6de6201b4cbb7244e406ea873fa3a3.tar.bz2
otp-158447e03d6de6201b4cbb7244e406ea873fa3a3.zip
ssl: Remove selfsigned anchor certificate from the certificate chain
A selfsigned trusted anchor should not be in the certifcate chain passed to the certificate path validation. Conflicts: lib/ssl/src/ssl_certificate.erl
Diffstat (limited to 'lib/ssl/src/ssl_certificate.erl')
-rw-r--r--lib/ssl/src/ssl_certificate.erl2
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/ssl/src/ssl_certificate.erl b/lib/ssl/src/ssl_certificate.erl
index 9c0ed181fe..30d224fee2 100644
--- a/lib/ssl/src/ssl_certificate.erl
+++ b/lib/ssl/src/ssl_certificate.erl
@@ -282,7 +282,7 @@ other_issuer(OtpCert, CertDbHandle) ->
handle_path({BinCert, OTPCert}, Path, PartialChainHandler) ->
case public_key:pkix_is_self_signed(OTPCert) of
true ->
- {BinCert, Path};
+ {BinCert, lists:delete(BinCert, Path)};
false ->
handle_incomplete_chain(Path, PartialChainHandler)
end.