Chih-Hsuan Yen <yan12...@gmail.com> added the comment:
Hi Michael Felt, > And, what it looks like you are trying to do with an updated 'signing" .pem > is to remove the 'self-signed' charasteric. If I understand it correctly, the new certificate is indeed still self-signed. It's updated to match the certificate deployed at https://self-signed.pythontest.net/. Under the hood load_verify_locations() at line 1628 is used to make the test accept any valid certificate signed with the given certificate. As a record, with CPython e7cb23bf2079087068a08502f96fdf20b317d69c and OpenSSL 1.1.1b on Arch Linux x86_64, the test is green: test_networked_good_cert (test.test_httplib.HTTPSTest) ... ok By the way, I believe the "key too weak" workaround can be removed now and then this issue can be closed. ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue36816> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
