Christian Heimes <li...@cheimes.de> added the comment:
I got bad news. OpenSSL 1.1.1i introduced a regression in cert validation. This affects some cases that involve self-signed certificates. Cert validation fails if a self-signed certificate is used as both a trust anchor (root CA) and EE cert. This may affect Python. Would it be possible to rebuild our OpenSSL binaries with patch https://github.com/openssl/openssl/pull/13749 ? ---------- resolution: fixed -> stage: resolved -> patch review status: closed -> open type: -> behavior _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue41837> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com