New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Client certificates with UniqueIdentifier in the subject break ssl.peer_certificate() #90390
Comments
Currently all subject sets of a client certificate are treated as UTF8 strings using the ASN1_STRING_to_UTF8 function ( Line 912 in 8d999cb
Traceback (most recent call last):
File "/usr/lib64/python3.6/asyncio/events.py", line 145, in _run
self._callback(*self._args)
File "/usr/lib64/python3.6/site-packages/tornado/platform/asyncio.py", line 138, in _handle_events
handler_func(fileobj, events)
File "/usr/lib64/python3.6/site-packages/tornado/iostream.py", line 702, in _handle_events
self._handle_read()
File "/usr/lib64/python3.6/site-packages/tornado/iostream.py", line 1471, in _handle_read
self._do_ssl_handshake()
File "/usr/lib64/python3.6/site-packages/tornado/iostream.py", line 1431, in _do_ssl_handshake
if not self._verify_cert(self.socket.getpeercert()):
File "/usr/lib64/python3.6/ssl.py", line 860, in getpeercert
return self._sslobj.getpeercert(binary_form)
File "/usr/lib64/python3.6/ssl.py", line 610, in getpeercert
return self._sslobj.peer_certificate(binary_form)
ssl.SSLError: unknown error (_ssl.c:959) (line 959 of _ssl.c corresponds to Line 914 in 8d999cb
pyca/cryptography#3542 might be of interest for further discussion. |
Thanks, looks to me like this has been completed |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
GitHub fields:
bugs.python.org fields:
The text was updated successfully, but these errors were encountered: