From 6402eeefc18c47b7dceea5e0dda0b8aeec6719bd Mon Sep 17 00:00:00 2001
From: Magnus Ahltorp <map@kth.se>
Date: Fri, 10 Apr 2015 15:42:03 +0200
Subject: Verify SSL certificates and hostnames in python code Closes
 CATLFISH-34

---
 tools/fetchallcerts.py | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'tools/fetchallcerts.py')

diff --git a/tools/fetchallcerts.py b/tools/fetchallcerts.py
index 395fe69..943759e 100755
--- a/tools/fetchallcerts.py
+++ b/tools/fetchallcerts.py
@@ -23,8 +23,11 @@ parser.add_argument('baseurl', help="Base URL for CT server")
 parser.add_argument('--store', default=None, metavar="dir", help='Store certificates in directory dir')
 parser.add_argument('--write-sth', action='store_true', help='Write STH')
 parser.add_argument('--publickey', default=None, metavar="file", help='Public key for the CT log')
+parser.add_argument('--cafile', default=None, metavar="file", help='File containing the CA cert')
 args = parser.parse_args()
 
+create_ssl_context(cafile=args.cafile)
+
 def get_entries_wrapper(baseurl, start, end):
     fetched_entries = 0
     while start + fetched_entries < (end + 1):
-- 
cgit v1.1