Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[3.6] bpo-31432: Clarify ssl CERT_NONE/OPTIONAL/REQUIRED docs. (GH-3530) #7652

Merged
merged 1 commit into from
Jun 12, 2018
Merged

[3.6] bpo-31432: Clarify ssl CERT_NONE/OPTIONAL/REQUIRED docs. (GH-3530) #7652

merged 1 commit into from
Jun 12, 2018

Conversation

ned-deily
Copy link
Member

@ned-deily ned-deily commented Jun 12, 2018
edited by bedevere-bot
Loading

The documentation for CERT_NONE, CERT_OPTIONAL, and CERT_REQUIRED were
misleading and partly wrong. It fails to explain that OpenSSL behaves
differently in client and server mode. Also OpenSSL does validate the
cert chain everytime. With SSL_VERIFY_NONE a validation error is not
fatal in client mode and does not request a client cert in server mode.
Also discourage people from using CERT_OPTIONAL in client mode.

https://bugs.python.org/issue31432

@tiran @ned-deily
bpo-31432: Clarify ssl CERT_NONE/OPTIONAL/REQUIRED docs. (pythonGH-3530)
58e1f7f 
The documentation for CERT_NONE, CERT_OPTIONAL, and CERT_REQUIRED were
misleading and partly wrong. It fails to explain that OpenSSL behaves
differently in client and server mode. Also OpenSSL does validate the
cert chain everytime. With SSL_VERIFY_NONE a validation error is not
fatal in client mode and does not request a client cert in server mode.
Also discourage people from using CERT_OPTIONAL in client mode.
@ned-deily ned-deily changed the title bpo-31432: Clarify ssl CERT_NONE/OPTIONAL/REQUIRED docs. (GH-3530) [3.6] bpo-31432: Clarify ssl CERT_NONE/OPTIONAL/REQUIRED docs. (GH-3530) Jun 12, 2018
@bedevere-bot bedevere-bot mentioned this pull request Jun 12, 2018
Merged
@bedevere-bot bedevere-bot added the docs Documentation in the Doc dir label Jun 12, 2018
@ned-deily ned-deily merged commit e257574 into python:3.6 Jun 12, 2018
@ned-deily ned-deily deleted the bpo-31432-36 branch June 12, 2018 01:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
docs Documentation in the Doc dir
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@ned-deily @the-knights-who-say-ni @bedevere-bot @tiran