I am administrating a Sage server for an educational institution that needs to used not self-signed certificates. I successfully generated the request and a certificate was purchased; sage accepts the cert; but, most web browsers see the cert as invalid without the intermediate certificate chain. Sage does not have the option to set such a chain, so I have been looking at writing a patch to implement the functionality.
I am familiar with Python, but not very familiar with Twisted, and have read through the Developer's guide. I have been reading over code for the notebook and for Twisted to get an understanding of what needs to be changed to allow setting an intermediate chain. It appears that `strports` from Twisted is used to setup the SSL connection. However, `strports` returns a Service and there are no parameters for strports (or methods on a Service object) to set an intermediate certificate. It appears I will need to change how run_notebook [writes tracconf.tac to] starts the SSL connection. However, my attempts seems involves importing ssl from twisted.internet which indicates that pyOpenSSL (which is not present) is needed. While I could install pyOpenSSL, I'm guessing the preference would be not to introduce another package or dependancy to Sage. Sage is currently able to create an SSL connection without pyOpenSSL. Is there anyone more familiar with Twisted that could point me in the right direction for doing this w/o OpenSSL, or confirm the OpenSSL in fact nessecary? -- To post to this group, send an email to sage-devel@googlegroups.com To unsubscribe from this group, send an email to sage-devel+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/sage-devel URL: http://www.sagemath.org
