[issue14780] SSL should use OpenSSL-defined default certificate store if ca_certs parameter is omitted
James Oakley
report at bugs.python.org
Fri May 11 02:12:14 CEST 2012
New submission from James Oakley <jfunk at funktronics.ca>:
OpenSSL provides a method, SSL_CTX_set_default_verify_paths(), for loading a default certificate store, which is used by many distributions.
In openSUSE, the default store is not a bundle, but a directory-based store, which is not supported at all by the SSL module in Python 2.7. A bug related to this was assigned to me here:
https://bugzilla.novell.com/show_bug.cgi?id=761501
I created patches for the Python 2.7.3 and 3.2.3 SSL modules that will load the distribution-specific store if ca_certs is omitted.
----------
components: Library (Lib)
files: python-2.7.3-ssl_default_certs.patch
keywords: patch
messages: 160392
nosy: jfunk
priority: normal
severity: normal
status: open
title: SSL should use OpenSSL-defined default certificate store if ca_certs parameter is omitted
type: enhancement
Added file: http://bugs.python.org/file25533/python-2.7.3-ssl_default_certs.patch
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue14780>
_______________________________________
More information about the Python-bugs-list
mailing list