Ronald Oussoren added the comment: The one difference between the system openssl and a separately compiled one is that the former can use the CA root from the KeyChain (and uses a private API to do that, as noted earlier).
I just stumbled across a utility that can sync the KeyChain to an OpenSSL CA file: <https://svn.macports.org/repository/macports/trunk/dports/security/certsync/files/certsync.m>, and a blog message at <http://landonf.bikemonkey.org/code/macosx/certsync.20130514.html> ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue17128> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
