Steve Dower added the comment: When I was stepping through, this callback avoided all of those lookups, so I don't understand how it's being called too late?
This approach basically takes the entire raw certificate and lets the OS do whatever it needs. OpenSSL doesn't ever have to crack it open at all (or at least when it does, it can assume the whole chain is trusted). What am I missing here? I've got no doubt I'm missing something, as OpenSSL is possibly the most complicated code I've ever seen :) ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue28747> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com