Chi Hsuan Yen <yan12...@gmail.com> writes: > ... > I found that OpenSSL provides an X509 callback hook that allows clients to > know why the verification process fails.
For a long time, Python 2 (unlike Python 3) did not perform certificate validation at all. As a consequence, some developpers provided the functionality in external packages. Maybe, one of those exposes the callback you have found. I never used one of those packages and cannot provide more information that what I said above. You might also look at "PyOpenSSL" (--> "PyPI"). Apparently, it supports callbacks written in Python. Again, I have not myself used this package. -- https://mail.python.org/mailman/listinfo/python-list
