[New-bugs-announce] [issue40849] Expose X509_V_FLAG_PARTIAL_CHAIN ssl flag

l0x report at bugs.python.org
Tue Jun 2 15:20:28 EDT 2020

New submission from l0x <l0x at protonmail.com>:

This simple patch exposes OpenSSL's X509_V_FLAG_PARTIAL_CHAIN if it is defined. This lets us  trust a certificate if it is signed by a certificate in the trust store, even if that CA is not a root CA. It makes it possible to trust an intermediate CA without trusting the root and all the other intermediate CAs it has signed.

assignee: christian.heimes
components: SSL
messages: 370621
nosy: christian.heimes, l0x
priority: normal
pull_requests: 19828
severity: normal
status: open
title: Expose X509_V_FLAG_PARTIAL_CHAIN ssl flag
type: enhancement

Python tracker <report at bugs.python.org>

More information about the New-bugs-announce mailing list