Message343027
Hi Michael Felt,
> And, what it looks like you are trying to do with an updated 'signing" .pem is to remove the 'self-signed' charasteric.
If I understand it correctly, the new certificate is indeed still self-signed. It's updated to match the certificate deployed at https://self-signed.pythontest.net/. Under the hood load_verify_locations() at line 1628 is used to make the test accept any valid certificate signed with the given certificate.
As a record, with CPython e7cb23bf2079087068a08502f96fdf20b317d69c and OpenSSL 1.1.1b on Arch Linux x86_64, the test is green:
test_networked_good_cert (test.test_httplib.HTTPSTest) ... ok
By the way, I believe the "key too weak" workaround can be removed now and then this issue can be closed. |
|
Date |
User |
Action |
Args |
2019-05-21 12:12:20 | yan12125 | set | recipients:
+ yan12125, gregory.p.smith, ned.deily, Michael.Felt, EWDurbin, miss-islington |
2019-05-21 12:12:20 | yan12125 | set | messageid: <1558440740.7.0.408377951522.issue36816@roundup.psfhosted.org> |
2019-05-21 12:12:20 | yan12125 | link | issue36816 messages |
2019-05-21 12:12:20 | yan12125 | create | |
|