if self.getPort() != '*':
err.append('Port %s not a number' % self.getPort())
if not self.usage in [0,1,2,3]:
- err.append('Usage: invalid (%s is not one of 0, 1 or 2)' % self.usage)
+ err.append('Usage: invalid (%s is not one of 0, 1, 2 or 3)' % self.usage)
if not self.selector in [0,1]:
err.append('Selector: invalid (%s is not one of 0 or 1)' % self.selector)
if not self.mtype in [0,1,2]:
# Good, now let's verify
if record.usage == 1: # End-host cert
- cert = chain[0]
- if verifyCertMatch(record, cert):
+ if verifyCertMatch(record, chain[0]):
if verify_result == 0: # The cert chains to a valid CA cert according to the system-certificates
print 'SUCCESS (Usage 1): Certificate offered by the server matches the one mentioned in the TLSA record and chains to a valid CA certificate'
else: