Derek Wilson added the comment: Custom cert validation may make sense in edge cases, so this looks interesting.
But I got here looking to file a bug on the returning empty dict from SSLContext.getpeercert - I don't feel like that makes sense. Its not like a peer cert doesn't exist just because it doesn't pass verification. And I know I can get the binary DER cert, but then I need to figure out how to parse it myself? pyasn1 makes me cry. It would be really nice if we could get the decoded-into-dict peer cert even when verification fails or when CERT_NONE is set. If it isn't possible (or advisable) for getpeercert to return the dict, exposing cert decoder would be really useful. Is this related enough to this request or should I file a separate issue? ---------- nosy: +underrun _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue18293> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
