[Catalog-sig] Access to Windows' cert store
christian at python.org
Thu Mar 21 14:32:24 CET 2013
Am 21.03.2013 13:58, schrieb M.-A. Lemburg:
> Why not simply use the Firefox certs ?
> We started adding these to our pyOpenSSL distribution with the last release:
Sure, that's another viable option. But IIRC some people have raised
> You can setup OpenSSL Contexts to validate based in-memory
> certificate as well: just add the certs one by one to the
> Context using the X509Store object you can obtain using
I assume you are talking about pyOpenSSL? I was referring to Python's
SSL module. It can only load CA certs from a file or directory. It would
be a useful feature for Python's SSL module, too.
> I think this would be useful addition for pyOpenSSL as well - if
> it's possible to extract the Windows certificates without admin
The code works without special privileges. The MSDN references don't
mention any restrictions, too. The code is rather simple -- I'm only
using four functions and three structs.
More information about the Catalog-SIG