ssl server: how to disable client cert verfication?
Grant Edwards
grant.b.edwards at gmail.com
Fri Feb 4 13:15:09 EST 2022
On 2022-02-04, Chris Angelico <rosuav at gmail.com> wrote:
> On Fri, 4 Feb 2022 at 09:37, Grant Edwards <grant.b.edwards at gmail.com> wrote:
>> I've looked through the ssl.Context documentation multiple times, and
>> haven't been able to spot any option or flag that disables client
>> certificate validation or allows the user to override the actual
>> client certificate validation process.
>
> What you're doing is a little unusual, so my first thought would be to
> subclass Context and override whatever method does the checks.
I've done a dir() on the Context object, and I don't see anything that
looks like a method to do the checks. I suspect that the Context
object doesn't actually _do_ anything, it just hold a reference to an
underlying openssl context object and allow to to change its
configuration values.
--
Grant
More information about the Python-list
mailing list