Message 293778 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	joernheissler
Recipients	asmodai, chet, christian.heimes, dsoprea, dstufft, jcea, joernheissler, maker, miki725, mmasztalerczuk, pitrou, underrun
Date	2017-05-16.18:53:14
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1494960795.1.0.0679825431828.issue18233@psf.upfronthosting.co.za>
In-reply-to

Content
Hi, I'd like to see this feature too. My use case is a monitoring script to check the life time of the server certificate, including the chain. I would prefer to have a wrapper around SSL_get_peer_cert_chain. I understand that this is not a verified chain. That's okay. openssl-1.1 added a new function SSL_get0_verified_chain which may be safer for most applications. Is there any real difference to X509_STORE_CTX_get1_chain? If you're worried about people misusing these functions, add a warning in the docs and point them to "get_peer_verified_chain"?

Hi,
I'd like to see this feature too.

My use case is a monitoring script to check the life time of the server certificate, including the chain. I would prefer to have a wrapper around SSL_get_peer_cert_chain.
I understand that this is *not* a verified chain. That's okay.

openssl-1.1 added a new function SSL_get0_verified_chain which may be safer for most applications. Is there any real difference to X509_STORE_CTX_get1_chain?

If you're worried about people misusing these functions, add a warning in the docs and point them to "get_peer_verified_chain"?

History
Date	User	Action	Args
2017-05-16 18:53:15	joernheissler	set	recipients: + joernheissler, jcea, pitrou, christian.heimes, asmodai, maker, underrun, dstufft, dsoprea, miki725, mmasztalerczuk, chet
2017-05-16 18:53:15	joernheissler	set	messageid: <1494960795.1.0.0679825431828.issue18233@psf.upfronthosting.co.za>
2017-05-16 18:53:15	joernheissler	link	issue18233 messages
2017-05-16 18:53:14	joernheissler	create