[Python-Dev] SSL certificates recommendations for downstream python packagers
David Cournapeau
cournape at gmail.com
Mon Jan 30 16:05:33 EST 2017
On Mon, Jan 30, 2017 at 8:50 PM, Cory Benfield <cory at lukasa.co.uk> wrote:
>
>
> > On 30 Jan 2017, at 13:53, David Cournapeau <cournape at gmail.com> wrote:
> >
> > Are there any official recommendations for downstream packagers beyond
> PEP 476 ? Is it "acceptable" for downstream packagers to patch python's
> default cert locations ?
>
> There *are* no default cert locations on Windows or macOS that can be
> accessed by OpenSSL.
>
Also, doesn't that contradict the wording of PEP 476, specifically " Python
would use the system provided certificate database on all platforms.
Failure to locate such a database would be an error, and users would need
to explicitly specify a location to fix it." ?
Or is that PEP a long term goal, and not a description of the current
status ?
David
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-dev/attachments/20170130/27da721e/attachment-0001.html>
More information about the Python-Dev
mailing list