Commit 7ff81404 authored by Committed by Vincent Pelletier
http: Constrain the certificates caucased https CA may sign.
This makes it safer to trust this CA certificate in general-purpose https clients, like web browsers, as it prevents such trusted CA certificate from issuing rogue certificates. Bump pyOpenSSL to latest version (and, as a consequence of pyOpenSSL 18.0.0 itself requiring cryptography 2.1.1, bump it as well) as it seems to fix a bug related to validating NameConstraints - and anyway fixes worrying use-after-free errors.
Showing with 45 additions and 7 deletions