diff options
| l--------- | CHANGELOG.md | 1 | ||||
| -rw-r--r-- | acme/acme/challenges.py | 2 | ||||
| -rw-r--r-- | acme/tests/challenges_test.py | 4 | ||||
| -rw-r--r-- | certbot/CHANGELOG.md | 3 |
4 files changed, 5 insertions, 5 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md deleted file mode 120000 index ba7396f24..000000000 --- a/CHANGELOG.md +++ /dev/null @@ -1 +0,0 @@ -certbot/CHANGELOG.md
\ No newline at end of file diff --git a/acme/acme/challenges.py b/acme/acme/challenges.py index 8a0366301..39c8d6269 100644 --- a/acme/acme/challenges.py +++ b/acme/acme/challenges.py @@ -303,7 +303,7 @@ class HTTP01Response(KeyAuthorizationChallengeResponse): uri = chall.uri(domain) logger.debug("Verifying %s at %s...", chall.typ, uri) try: - http_response = requests.get(uri) + http_response = requests.get(uri, verify=False) except requests.exceptions.RequestException as error: logger.error("Unable to reach %s: %s", uri, error) return False diff --git a/acme/tests/challenges_test.py b/acme/tests/challenges_test.py index 490caadc2..adebaffc5 100644 --- a/acme/tests/challenges_test.py +++ b/acme/tests/challenges_test.py @@ -181,7 +181,7 @@ class HTTP01ResponseTest(unittest.TestCase): mock_get.return_value = mock.MagicMock(text=validation) self.assertTrue(self.response.simple_verify( self.chall, "local", KEY.public_key())) - mock_get.assert_called_once_with(self.chall.uri("local")) + mock_get.assert_called_once_with(self.chall.uri("local"), verify=False) @mock.patch("acme.challenges.requests.get") def test_simple_verify_bad_validation(self, mock_get): @@ -197,7 +197,7 @@ class HTTP01ResponseTest(unittest.TestCase): HTTP01Response.WHITESPACE_CUTSET)) self.assertTrue(self.response.simple_verify( self.chall, "local", KEY.public_key())) - mock_get.assert_called_once_with(self.chall.uri("local")) + mock_get.assert_called_once_with(self.chall.uri("local"), verify=False) @mock.patch("acme.challenges.requests.get") def test_simple_verify_connection_error(self, mock_get): diff --git a/certbot/CHANGELOG.md b/certbot/CHANGELOG.md index 3e3fda49f..7367c929f 100644 --- a/certbot/CHANGELOG.md +++ b/certbot/CHANGELOG.md @@ -6,7 +6,8 @@ Certbot adheres to [Semantic Versioning](https://semver.org/). ### Added -* +* Don't verify the existing certificate in HTTP01Response.simple_verify, for + compatibility with the real-world ACME challenge checks. ### Changed |