On 2022-02-04, Dieter Maurer <die...@handshake.de> wrote: > Grant Edwards wrote at 2022-2-3 14:36 -0800: >>On 2022-02-03, Barry <ba...@barrys-emacs.org> wrote: >> ... >>I've looked through the ssl.Context documentation multiple times, and >>haven't been able to spot any option or flag that disables client >>certificate validation or allows the user to override the actual >>client certificate validation process. > > Note that Python does not do the certificate validation itself > but delegates this to the underlying SSL library. > Thus, this library would need to support your use case. > It may not as your scenario is quite special.
The corresponding scenario is easily supported for the client side. Even "openssl s_client" offers the option to ignore cert validation failures and print the cert anyway. It seems odd that s_server can't do the same. -- Grant -- https://mail.python.org/mailman/listinfo/python-list
