KEMBAR78
`ssl.SSLObject` and `ssl.SSLSocket` should expose method to get certificate chain · Issue #109109 · python/cpython · GitHub
Skip to content

ssl.SSLObject and ssl.SSLSocket should expose method to get certificate chain #109109

@matiuszka

Description

@matiuszka

Feature or enhancement

Proposal:

Being able to get a certificate chain is needed to perform OCSP revocation checks.
Starting from py3.10 we can at least call C-level API directly, but I guess such a crucial functionality should be documented and exposed in Python API:

ssl_socket._sslobj.get_unverified_chain()

Has this already been discussed elsewhere?

No response given

Links to previous discussion of this feature:

No response

Linked PRs

Metadata

Metadata

Assignees

No one assigned

    Labels

    3.13bugs and security fixestopic-SSLtype-featureA feature request or enhancement

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions