[Catalog-sig] Access to Windows' cert store
mal at egenix.com
Thu Mar 21 13:58:34 CET 2013
On 21.03.2013 13:06, Christian Heimes wrote:
> the message is slightly off-topic but it might be interesting for pip,
> setuptools and other developers that are working on HTTPS for PyPI.
> I while ago I found C++ example code that shows how to dump CA and CRL
> certs from Windows's system cert store. The system cert store contains
> the certificates used by Windows, IE etc.
Why not simply use the Firefox certs ?
We started adding these to our pyOpenSSL distribution with the last release:
> Yesterday I reimplemented the C++ code with Python and ctypes. I have
> tested it with Python 2.6 to 3.3 (x86 and x86_64) on Windows 7. It
> should work with Windows XP / Windows Server 2003 and all newer versions
> of Windows. The output is usabl by Python's SSL module but you have to
> dump the certs to a file first.
You can setup OpenSSL Contexts to validate based in-memory
certificate as well: just add the certs one by one to the
Context using the X509Store object you can obtain using
> I'm planing to add the feature to Python 3.4, too.
> You can download the code from
I think this would be useful addition for pyOpenSSL as well - if
it's possible to extract the Windows certificates without admin
Professional Python Services directly from the Source (#1, Mar 21 2013)
>>> Python Projects, Consulting and Support ... http://www.egenix.com/
>>> mxODBC.Zope/Plone.Database.Adapter ... http://zope.egenix.com/
>>> mxODBC, mxDateTime, mxTextTools ... http://python.egenix.com/
2013-03-13: Released eGenix pyOpenSSL 0.13 ... http://egenix.com/go39
::::: Try our mxODBC.Connect Python Database Interface for free ! ::::::
eGenix.com Software, Skills and Services GmbH Pastor-Loeh-Str.48
D-40764 Langenfeld, Germany. CEO Dipl.-Math. Marc-Andre Lemburg
Registered at Amtsgericht Duesseldorf: HRB 46611
More information about the Catalog-SIG