I would be wary of the proposed solution to 2 – I suspect it will do different things depending on which web browser is set as default (recipe for weird bugs when people have Chrome / IE / Edge / FireFox / Opera / Lynx as their default browser).
Is there any documentation regarding the issues with Python and SSL? If we need a call to trigger the certificate download before we do it ‘for real’, can we use WinInet or WinHTTP instead? (if necessary a small native Windows app that performs the call for us?) *lightbulb moment* Can we perform the call inside the OpenLP installer? Just some thoughts. -- 'Therefore, if anyone is in Christ, he is a new creation; the old has gone, the new has come!' - 2 Corinthians 5v17 <mailto:[email protected]> [email protected] From: openlp-dev [mailto:[email protected]] On Behalf Of Tim and Alison Bentley Sent: 18 February 2017 07:21 To: OpenLP Developers <[email protected]> Subject: Re: [openlp-dev] Windows and SSL My 2 Rand! 1) will be an endless set of changes trying to keep track of the root certificates and my give us different problems 2) it OpenLP has not run on a machine on windows issue a command to get the certificates. As you say it can be done in the background but could be done as a step in the FTW so it is obvious what is being done. process = subprocess.Popen("explore.exe https://get.openlp.io";, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE) Tim On 18 February 2017 at 04:19, Raoul Snyman <[email protected] <mailto:[email protected]> > wrote: Hello everyone, As some of you might know, we're having SSL issues on Windows. This is because Windows does not ship with all the root certificates and downloads them on the fly. Our current advice to people is to go to https://get.openlp.org/ in Internet Explorer or Edge and then try the First Time Wizard again (same applies to SongSelect). However, this is really tedious because we have to tell each and every person who visits the forums or IRC or e-mails the support system about it. There must be a better way. Sadly, Microsoft is not going to do anything about this, and unless Python changes the way they do things on Windows, we're probably going to be stuck with the problem. I see only 2 real options here. 1. Bundle all the root certs with OpenLP on Windows. We can tell Python where to find them. 2. When we want to access an https page, do some sort of pre-flight calling some internal Windows function to get the certs for us. Does anyone else have any ideas for how to solve this? In the mean time I'm going to write up a blog post and put a sticky post in the forums about this. -- Raoul Snyman +1 (520) 490-9743 <tel:%2B1%20%28520%29%20490-9743> [email protected] <mailto:[email protected]> _______________________________________________ openlp-dev mailing list [email protected] <mailto:[email protected]> https://lists.openlp.io/mailman/listinfo/openlp-dev -- Tim and Alison Bentley [email protected] <mailto:[email protected]>
_______________________________________________ openlp-dev mailing list [email protected] https://lists.openlp.io/mailman/listinfo/openlp-dev
