Christian Heimes <li...@cheimes.de> added the comment:
OpenSSL 1.1.0 is more strict than OpenSSL 1.0.2. That's why you don't see the issue with Python 3.6 but with 3.7. The problem is explained in https://mta.openssl.org/pipermail/openssl-dev/2016-February/005100.html The CA has encoded the integer 102 (0x66) as "02 04 00 00 00 66", which violates the DER standard. The correct encoding is "02 01 66". >>> from asn1crypto.core import Integer >>> import binascii >>> binascii.hexlify(Integer(102).dump()) b'020166' ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue35665> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
