New submission from Derek Wilson: the ssl.get_server_certificate function is very useful for just requesting a cert. It would also be very useful to have a parallel function, possibly ssl.get_server_cert_chain that does the same thing except but provides a tuple of PEM encoded certs comprising the chain provided by the peer.
It would also be very useful, given that we have the ability to collect certs and cert chains without validating them, to have a separate convenience method for validation of certs given a cert (or chain) and the file/path to trusted CA root certs. This way we could collect a cert chain once and validate against different ca cert stores, or collect a set of cert chains and do batch validation. oh, and I'd love to see the _ssl._decode_certificate function exposed so that we can get easily get python data structure from certs. If any of this sounds useful I would be happy to submit patches. ---------- components: Extension Modules messages: 193654 nosy: underrun priority: normal severity: normal status: open title: ssl.get_server_certificate like addition for cert chain type: enhancement versions: Python 3.4 _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue18546> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
