Author yan12125
Recipients EWDurbin, Michael.Felt, gregory.p.smith, miss-islington, ned.deily, yan12125
Date 2019-05-21.12:12:20
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1558440740.7.0.408377951522.issue36816@roundup.psfhosted.org>
In-reply-to
Content
Hi Michael Felt,

> And, what it looks like you are trying to do with an updated 'signing" .pem is to remove the 'self-signed' charasteric.

If I understand it correctly, the new certificate is indeed still self-signed. It's updated to match the certificate deployed at https://self-signed.pythontest.net/. Under the hood load_verify_locations() at line 1628 is used to make the test accept any valid certificate signed with the given certificate.

As a record, with CPython e7cb23bf2079087068a08502f96fdf20b317d69c and OpenSSL 1.1.1b on Arch Linux x86_64, the test is green:

test_networked_good_cert (test.test_httplib.HTTPSTest) ... ok

By the way, I believe the "key too weak" workaround can be removed now and then this issue can be closed.
History
Date User Action Args
2019-05-21 12:12:20yan12125setrecipients: + yan12125, gregory.p.smith, ned.deily, Michael.Felt, EWDurbin, miss-islington
2019-05-21 12:12:20yan12125setmessageid: <1558440740.7.0.408377951522.issue36816@roundup.psfhosted.org>
2019-05-21 12:12:20yan12125linkissue36816 messages
2019-05-21 12:12:20yan12125create