Grasscutters/mitmproxy
3
0
Fork 0
mirror of https://github.com/Grasscutters/mitmproxy.git synced 2024-11-23 00:01:36 +00:00
Code Issues Projects Releases Wiki Activity

Add DEFAULT_EXP_DUMMY_CERT and set to 90 days

Browse Source 
Helps with Chrome's "certificates can not be valid longer than 27,5 month"
Fixes #3273
This commit is contained in:
[OSC] Sven Schliesing 2018-07-31 10:19:43 +02:00
parent 5f3cbbb3cd
commit a081ba6430
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
mitmproxy/certs.py
View File

@ -15,6 +15,7 @@ from mitmproxy.coretypes import serializable
# Default expiry must not be too long: https://github.com/mitmproxy/mitmproxy/issues/815
DEFAULT_EXP = 94608000 # = 24 * 60 * 60 * 365 * 3
DEFAULT_EXP_DUMMY_CERT = 7776000 # = 90 days
# Generated with "openssl dhparam". It's too slow to generate this on startup.
DEFAULT_DHPARAM = b"""
@ -101,7 +102,7 @@ def dummy_cert(privkey, cacert, commonname, sans):
cert = OpenSSL.crypto.X509()
cert.gmtime_adj_notBefore(-3600 * 48)
cert.gmtime_adj_notAfter(DEFAULT_EXP)
cert.gmtime_adj_notAfter(DEFAULT_EXP_DUMMY_CERT)
cert.set_issuer(cacert.get_subject())
if commonname is not None and len(commonname) < 64:
cert.get_subject().CN = commonname