Skip to content

ssl.SSLObject and ssl.SSLSocket should expose method to get certificate chain#109109

New issue
New issue
Closed
Closed
ssl.SSLObject and ssl.SSLSocket should expose method to get certificate chain#109109
Labels
3.13bugs and security fixestopic-SSLtype-featureA feature request or enhancement
@matiuszka

Description

@matiuszka
matiuszka
opened on Sep 7, 2023

Feature or enhancement

Proposal:

Being able to get a certificate chain is needed to perform OCSP revocation checks.
Starting from py3.10 we can at least call C-level API directly, but I guess such a crucial functionality should be documented and exposed in Python API:

ssl_socket._sslobj.get_unverified_chain()

Has this already been discussed elsewhere?

No response given

Links to previous discussion of this feature:

No response

Linked PRs

Metadata

Metadata

Assignees

No one assigned

    Labels

    3.13bugs and security fixestopic-SSLtype-featureA feature request or enhancement

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions