[issue17128] OS X system openssl deprecated - installer should build local libssl
Ronald Oussoren
report at bugs.python.org
Mon Jul 8 08:15:25 CEST 2013
Ronald Oussoren added the comment:
The file not even empty, it doesn't even exist in default installations.
As Ned mentioned the CA roots on OSX are stored in a system database (the keychain). The situation is more or less the same as on Windows: their either needs to be code that queries the system keychain to get the CA roots, or we need to use some other CA list (like the mozilla one).
I'd prefer the former because that's easier for the end user (add the company-wide CA cert to the system database to configure it system wide instead of hunting down where every app stores it CA list).
One glitch: a lot of Apple API's above the Unix layer are unsafe when used in a process started with os.fork (without calling execv), I don't know yet if the keychain APIs are also affected by this.
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue17128>
_______________________________________
More information about the Python-bugs-list
mailing list