This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author christian.heimes
Recipients christian.heimes
Date 2013-06-17.18:07:25
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <>
As expected it is much harder to get the full certification chain from OpenSSL than I initially expected. SSL_get_peer_cert_chain() doesn't return the root CA's certificate. The new patch introduces a validation mode and uses X509_verify_cert(*X509_STORE_CTX) + X509_STORE_CTX_get1_chain() to build a full chain.
Date User Action Args
2013-06-17 18:07:25christian.heimessetrecipients: + christian.heimes
2013-06-17 18:07:25christian.heimessetmessageid: <>
2013-06-17 18:07:25christian.heimeslinkissue18233 messages
2013-06-17 18:07:25christian.heimescreate