Christian Heimes added the comment: The patch implements a new method SSLContext.load_default_certs(). A new method is a required because set_default_verify_paths() doesn't have a way to specify a purpose. Every cert store allows the user to specify the purpose of a certificate (e.g. suitable for every purpose or just for serverAuth and clientAuth). The feature is supported by NSS certdata.txt, Windows API and Apple's crypto API.
The patch is rather simple and uses features implemented in issues #17134 Use Windows' certificate store for CA certs #18138 ctx.load_verify_locations(cadata) #19448 SSL: add OID / NID lookup ---------- keywords: +patch nosy: +giampaolo.rodola, janssen priority: normal -> high stage: needs patch -> patch review Added file: http://bugs.python.org/file32768/load_default_certs.patch _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue19292> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
