[New-bugs-announce] [issue20000] SSLContext.get_ca_certs() and self-signed certs

Christian Heimes report at bugs.python.org
Mon Dec 16 19:53:50 CET 2013


New submission from Christian Heimes:

The new method SSLContext.get_ca_certs() returns all certificates in the context's trusted X509_STORE. I recently found out that it is possible to put a self-signed certificate into the store and use it successfully with verify_mode CERT_REQUIRED. get_ca_certs() doesn't return the cert although it is used to successfully validate a remote cert.

I propose to modify and rename the function and to add a "check_ca" to the dict that is returned by getpeercert().

----------
components: Extension Modules
messages: 206347
nosy: christian.heimes
priority: normal
severity: normal
stage: test needed
status: open
title: SSLContext.get_ca_certs() and self-signed certs
type: behavior
versions: Python 3.4

_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue20000>
_______________________________________

