[New-bugs-announce] [issue24107] Add support for retrieving the certificate chain

Cory Benfield report at bugs.python.org
Fri May 1 19:45:25 CEST 2015

New submission from Cory Benfield:

In order to perform HTTP Public Key Pinning (HPKP), it's necessary to have access to every certificate in the certificate trust chain. This is because the pinned key may actually be an intermediate or root certificate, rather than the leaf certificate.

PyOpenSSL offers this functionality, and it ought to be a relatively simple enhancement to expose the equivalent function in the stdlib.

For more background, see the urllib3 issue tracking the HPKP feature: https://github.com/shazow/urllib3/pull/607

components: Library (Lib)
messages: 242341
nosy: Lukasa
priority: normal
severity: normal
status: open
title: Add support for retrieving the certificate chain
type: enhancement
versions: Python 2.7, Python 3.5, Python 3.6

Python tracker <report at bugs.python.org>

More information about the New-bugs-announce mailing list