Christian Heimes <li...@cheimes.de> added the comment:

I got bad news. OpenSSL 1.1.1i introduced a regression in cert validation. This 
affects some cases that involve self-signed certificates. Cert validation fails 
if a self-signed certificate is used as both a trust anchor (root CA) and EE 
cert. This may affect Python.

Would it be possible to rebuild our OpenSSL binaries with patch 
https://github.com/openssl/openssl/pull/13749 ?

----------
resolution: fixed -> 
stage: resolved -> patch review
status: closed -> open
type:  -> behavior

_______________________________________
Python tracker <rep...@bugs.python.org>
<https://bugs.python.org/issue41837>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

Reply via email to