STINNER Victor added the comment: > Any of the other options such as PROTOCOL_TLSv1 will fix the protocol version > to that one protocol version, whereas PROTOCOL_SSLv23 means to use any > protocol starting with SSLv2. In the context options you can then disable > SSLv2 and SSLv3 to e.g. have the connection use TLS 1.0 or later.
get_server_certificate() uses _create_unverified_context() (In Python 2.7, 3.4 & 3.5) which explicitly disable SSLv2 and SSLv3. I still have trouble to understand which protocol will be negociated. We use SSLv3 and disable SSLv3, so the server can only use SSLv23. Am I right? https://docs.python.org/dev/library/ssl.html#ssl.wrap_socket ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue22935> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
