This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author martius
Recipients asvetlov, brandon-rhodes, christian.heimes, dstufft, giampaolo.rodola, jcea, kristjan.jonsson, martius, pitrou, vstinner
Date 2015-07-09.13:01:52
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <>

I would like to update this patch so it can finally land in cpython, hopefully 3.6.

tl;dr of the thread:
In a nutshell, the latest patch from Kristján Valur Jónsson updates
SSLContext.load_cert_chain(certfile, keyfile=None, password=None) and
SSLContext.load_verify_locations(cafile=None, capath=None)

so certfile, keyfile and cafile can be either a string representing a path to a file or a file-like object.

The discussion seems to favor this API (pass file-like objects) rather than using new arguments (certdata, keydata) to pass string or bytes objects.

However, Christian Heimes proposed a patch (which landed in 3.4) which adds a cadata argument to load_verify_locations().

So, what should we do?
- allow certfile, keyfile and cafile to be paths or file-like objects,
- add certdata and keydata to load_cert_chain() to be consistent with load_verify_locations(), 
- do both.

I'd go the the 2nd solution to be consistent with the API and keep things simple.
Date User Action Args
2015-07-09 13:01:53martiussetrecipients: + martius, jcea, pitrou, kristjan.jonsson, vstinner, giampaolo.rodola, christian.heimes, asvetlov, brandon-rhodes, dstufft
2015-07-09 13:01:53martiussetmessageid: <>
2015-07-09 13:01:53martiuslinkissue16487 messages
2015-07-09 13:01:52martiuscreate