diff options
author | Ingela Anderton Andin <[email protected]> | 2014-12-09 09:46:36 +0100 |
---|---|---|
committer | Ingela Anderton Andin <[email protected]> | 2015-01-30 17:30:26 +0100 |
commit | 158447e03d6de6201b4cbb7244e406ea873fa3a3 (patch) | |
tree | d29f1a57da7bb52ecc6d8781f0b783804a72a101 /lib/ssl/src/ssl_certificate.erl | |
parent | fdc939b00444e4d0904c91cb3618eafe820eebec (diff) | |
download | otp-158447e03d6de6201b4cbb7244e406ea873fa3a3.tar.gz otp-158447e03d6de6201b4cbb7244e406ea873fa3a3.tar.bz2 otp-158447e03d6de6201b4cbb7244e406ea873fa3a3.zip |
ssl: Remove selfsigned anchor certificate from the certificate chain
A selfsigned trusted anchor should not be in the certifcate chain passed to
the certificate path validation.
Conflicts:
lib/ssl/src/ssl_certificate.erl
Diffstat (limited to 'lib/ssl/src/ssl_certificate.erl')
-rw-r--r-- | lib/ssl/src/ssl_certificate.erl | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/ssl/src/ssl_certificate.erl b/lib/ssl/src/ssl_certificate.erl index 9c0ed181fe..30d224fee2 100644 --- a/lib/ssl/src/ssl_certificate.erl +++ b/lib/ssl/src/ssl_certificate.erl @@ -282,7 +282,7 @@ other_issuer(OtpCert, CertDbHandle) -> handle_path({BinCert, OTPCert}, Path, PartialChainHandler) -> case public_key:pkix_is_self_signed(OTPCert) of true -> - {BinCert, Path}; + {BinCert, lists:delete(BinCert, Path)}; false -> handle_incomplete_chain(Path, PartialChainHandler) end. |