This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author dstufft
Recipients dstufft
Date 2013-08-01.16:58:37
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <>
Currently the Python SSL module requires the full chain, including all intermediaries, to be served in order to validate a TLS connection. This isn't *wrong* however a number of folks have had issues trying to setup a custom PyPI index in pip due to missing them. The believed the problem with validation to be in pip/Python because it works in their browser.

Essentially browsers have the ability to download missing intermediate certs using an url found inside the AIA data. This is slow and isn't generally recommended that you rely on it for any particular site. However it does mean that TLS connections work in more situations.

At the least this should probably be documented, and possibly the Python library be enhanced to be more browser like in this regard.
Date User Action Args
2013-08-01 16:58:38dstufftsetrecipients: + dstufft
2013-08-01 16:58:37dstufftsetmessageid: <>
2013-08-01 16:58:37dstufftlinkissue18617 messages
2013-08-01 16:58:37dstufftcreate