From 09796cf7c98a7b43e9434cbd9b42668717963761 Mon Sep 17 00:00:00 2001 From: Hossein Shafagh Date: Mon, 25 Feb 2019 19:05:54 -0800 Subject: [PATCH] the check_cert_signature() method was attempting to compare RSA and ECC signatures. If a ec public-key certificate is signed with an RSA key, then it can't be a self-signed certificate, in which case we just raise InvalidSignature. --- lemur/common/utils.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lemur/common/utils.py b/lemur/common/utils.py index 62c3182b..44c5142b 100644 --- a/lemur/common/utils.py +++ b/lemur/common/utils.py @@ -199,6 +199,8 @@ def is_selfsigned(cert): return True except InvalidSignature: return False + except UnsupportedAlgorithm as e: + raise Exception(e) def is_weekend(date):