[New-bugs-announce] [issue37845] SLCertVerificationError: Unable to handle SAN names (from Certifications) published with white spaces at start
David K.
report at bugs.python.org
Tue Aug 13 14:33:24 EDT 2019
New submission from David K. <dikaveman at gmail.com>:
Unable to establish SSL connections using company's private certificates where their SANs (Subject Alternative Names) contain at least one DNS Name that starts with white spaces.
Attempting to establish SSL connection would result in Exception:
SSLCertVerificationError("partial wildcards in leftmost label are not supported: ' *.x.y.com'.")
This situation made us co-depended on SecOps in a big company where ultimately all other none-python apps weren't effected by that change they made and thus couldn't or wouldn't fix the problem on their side for us. (We were at their mercy!)
I originally encountered this bug @ Python 3.7 and fixed it manually on my own local Python environment.
As the bug seems to be still unfixed to date, I publish this issue.
A small and simple fix will follow shortly on github.
----------
assignee: christian.heimes
components: SSL
messages: 349600
nosy: DK26, christian.heimes
priority: normal
severity: normal
status: open
title: SLCertVerificationError: Unable to handle SAN names (from Certifications) published with white spaces at start
type: security
versions: Python 3.9
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue37845>
_______________________________________
More information about the New-bugs-announce
mailing list