This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author pitrou
Recipients alex, barry, bkabrda, doko, dstufft, janssen, lemburg, ncoghlan, pitrou, r.david.murray, rkuska, vstinner
Date 2015-04-05.19:36:19
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <>
In-reply-to <>
Le 05/04/2015 21:26, Marc-Andre Lemburg a écrit :
> But this is only an example of an application not working anymore
> because the system's OpenSSL could not verify certificates.
> In this case, no root CA certs were available. On older systems
> with proper root CA certs, it's likely that the newer CA certs
> needed to verify the PyPI certificates are not installed...
> and yes: those system do exist and are in active use, simply because
> they cannot be upgraded for other reasons :-)

Let's sum it up:

- the machine can't be upgraded, but you are upgrading Python by hand

- OpenSSL is installed but there are no root CA certs (?!)

- the machine probably isn't ever doing a single verified HTTPS access,
for the previous reason, and nobody cares about it

- you want to be able to use unauthenticated HTTPS to download and
install software from the Internet

And, since this is an AIX machine, I'm presuming this isn't a hobbyist's
setup, but an enterprise system with paid-for support and licenses,
right? And you want the python-dev community to care for that broken
situation by bearing the cost of additional maintenance and security
risk in implementing the new configuration options?
Date User Action Args
2015-04-05 19:36:19pitrousetrecipients: + pitrou, lemburg, barry, doko, ncoghlan, janssen, vstinner, alex, r.david.murray, bkabrda, dstufft, rkuska
2015-04-05 19:36:19pitroulinkissue23857 messages
2015-04-05 19:36:19pitroucreate