Nathaniel Smith <n...@pobox.com> added the comment: Yeah, I'm not entirely sure whether fixing this is actually doable or worthwhile, but figured I should at least make an issue to discuss :-).
The problem is, in the motivating use case of wanting to be able to reliably convert an SSLContext into some other representation, we really need to be able to get 100% of the configuration out. I think the trust configuration can probably be handled in principle by remembering the arguments to any calls to load_verify_locations, so they can be replayed later. But... that won't work for private keys, because if they're password-protected then replaying a call to load_cert_chain will end up prompting for the password twice. So maybe we really would need a way to pull out the actual private key bits. And if we can't do that, then maybe it's not worth stressing about the other stuff either... ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue32359> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
