ssl: Remove selfsigned anchor certificate from the certificate chain

A selfsigned trusted anchor should not be in the certifcate chain passed to the certificate path validation. Conflicts: lib/ssl/src/ssl_certificate.erl
author: Ingela Anderton Andin <[email protected]> 2014-12-09 09:46:36 +0100
committer: Ingela Anderton Andin <[email protected]> 2015-01-30 17:30:26 +0100
commit: 158447e03d6de6201b4cbb7244e406ea873fa3a3 (patch)
tree: d29f1a57da7bb52ecc6d8781f0b783804a72a101 /lib/ssl/src
parent: fdc939b00444e4d0904c91cb3618eafe820eebec (diff)
download: otp-158447e03d6de6201b4cbb7244e406ea873fa3a3.tar.gz
otp-158447e03d6de6201b4cbb7244e406ea873fa3a3.tar.bz2
otp-158447e03d6de6201b4cbb7244e406ea873fa3a3.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/ssl/src/ssl_certificate.erl b/lib/ssl/src/ssl_certificate.erl
index 9c0ed181fe..30d224fee2 100644
--- a/lib/ssl/src/ssl_certificate.erl
+++ b/lib/ssl/src/ssl_certificate.erl
@@ -282,7 +282,7 @@ other_issuer(OtpCert, CertDbHandle) ->
 handle_path({BinCert, OTPCert}, Path, PartialChainHandler) ->
     case public_key:pkix_is_self_signed(OTPCert) of
 	true ->
-	    {BinCert, Path};
+	    {BinCert, lists:delete(BinCert, Path)};
 	false ->
 	   handle_incomplete_chain(Path, PartialChainHandler)
     end.
author	Ingela Anderton Andin <[email protected]>	2014-12-09 09:46:36 +0100
committer	Ingela Anderton Andin <[email protected]>	2015-01-30 17:30:26 +0100
commit	158447e03d6de6201b4cbb7244e406ea873fa3a3 (patch)
tree	d29f1a57da7bb52ecc6d8781f0b783804a72a101 /lib/ssl/src
parent	fdc939b00444e4d0904c91cb3618eafe820eebec (diff)
download	otp-158447e03d6de6201b4cbb7244e406ea873fa3a3.tar.gz otp-158447e03d6de6201b4cbb7244e406ea873fa3a3.tar.bz2 otp-158447e03d6de6201b4cbb7244e406ea873fa3a3.zip