New submission from David K. <dikave...@gmail.com>:
Unable to establish SSL connections using company's private certificates where
their SANs (Subject Alternative Names) contain at least one DNS Name that
starts with white spaces.
Attempting to establish SSL connection would result in Exception:
SSLCertVerificationError("partial wildcards in leftmost label are not
supported: ' *.x.y.com'.")
This situation made us co-depended on SecOps in a big company where ultimately
all other none-python apps weren't effected by that change they made and thus
couldn't or wouldn't fix the problem on their side for us. (We were at their
mercy!)
I originally encountered this bug @ Python 3.7 and fixed it manually on my own
local Python environment.
As the bug seems to be still unfixed to date, I publish this issue.
A small and simple fix will follow shortly on github.
----------
assignee: christian.heimes
components: SSL
messages: 349600
nosy: DK26, christian.heimes
priority: normal
severity: normal
status: open
title: SLCertVerificationError: Unable to handle SAN names (from
Certifications) published with white spaces at start
type: security
versions: Python 3.9
_______________________________________
Python tracker <rep...@bugs.python.org>
<https://bugs.python.org/issue37845>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe:
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
