[issue18617] TLS and Intermediate Certificates

Changes by Chi Hsuan Yen : -- nosy: +Chi Hsuan Yen ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail

[issue18617] TLS and Intermediate Certificates

Changes by Christian Heimes : -- components: +SSL versions: -Python 3.6 ___ Python tracker ___ ___ Python-bugs-list mailing list Unsu

[issue18617] TLS and Intermediate Certificates

Changes by Christian Heimes : -- versions: +Python 3.6, Python 3.7 -Python 2.7, Python 3.3, Python 3.4, Python 3.5 ___ Python tracker ___ ___

[issue18617] TLS and Intermediate Certificates

Sam Vilain added the comment: Perhaps the simplest thing here is to add a standard verify callback that catches verification errors, and returns the parsed server certificate as an attribute of the raised exception object. From python, the exception can be caught and then the certificate data

[issue18617] TLS and Intermediate Certificates

Antoine Pitrou added the comment: I'm afraid downloading certs on the fly would open a whole new can of worms, so I'd rather have it documented indeed :) -- nosy: +pitrou ___ Python tracker ___

[issue18617] TLS and Intermediate Certificates

Christian Heimes added the comment: Donald, could you please provide a doc update that explains the problem? -- assignee: -> docs@python nosy: +docs@python ___ Python tracker __

[issue18617] TLS and Intermediate Certificates

Christian Heimes added the comment: Thx! Let's update the docs for 2.7 to 3.4 first. For AIA intermediate cert retrieval we have to use OpenSSL's verify hook. It's a pain to implement all necessary bits and hard to use, though. :( -- nosy: +christian.heimes versions: +Python 2.7, Pyt

[issue18617] TLS and Intermediate Certificates

New submission from Donald Stufft: Currently the Python SSL module requires the full chain, including all intermediaries, to be served in order to validate a TLS connection. This isn't *wrong* however a number of folks have had issues trying to setup a custom PyPI index in pip due to missing t