On 11 January 2017 at 14:04, Donald Stufft
On Jan 10, 2017, at 10:59 PM, Nick Coghlan
wrote: (The problem with RHEL 6 is that even though the *OS* has supported TLS v1.2 since RHEL 6.5, *Python 2.6* doesn't properly support accessing them through the standard library's SSL module, since it's missing the features backported from 3.x by PEP 466) No, but it doesn’t matter, the version of Python doesn’t control it at all since we use PROTOCOL_SSLv23 which will automatically negotiate the highest protocol OpenSSL supports, whether Python has bound the PROTOCOL_TLSv1_X constant and implemented the methods for it or not. So Python 2.6 is perfectly capable of talking to a TLSv1.2 site (it however, is not capable of explicitly saying it *needs* only TLSv1.2).
See:
$ python2.6 -c "import urllib2,json; print(json.loads(urllib2.urlopen('https://www.howsmyssl.com/a/check').read())['tls_version'])" TLS 1.2
Ah, excellent. In that case, RHEL 6 should be fine as well, as 6.5 was released back in 2013, and the extended update support for 6.4 ended in March 2015. Cheers, Nick. -- Nick Coghlan | ncoghlan@gmail.com | Brisbane, Australia