Christian Heimes added the comment: How about we include certsync [1] as an external program then? It's not as elegant as an internal API but it's not going to cause trouble with forking servers.
The first time a root CA cert is require, some new code in Python's SSL module runs certsync and grabs the list of PEM encoded certs from its stdout. The output is cached in a module variable and loaded with the new features from #16487 and #18138. How does that sound to you? [1] https://svn.macports.org/repository/macports/trunk/dports/security/certsync/files/certsync.m ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue17128> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
