Revision - e257574 - bpo-31432: Clarify ssl CERT_NONE/OPTIONAL/REQUIRED docs. [...]

Staging
v0.8.1

Revision e25757408dc22561af9f9589c2c7e2a2fbb66ee4 authored by Ned Deily on 12 June 2018, 01:44:58 UTC, committed by GitHub on 12 June 2018, 01:44:58 UTC

bpo-31432: Clarify ssl CERT_NONE/OPTIONAL/REQUIRED docs. (GH-3530) (GH-7652)

The documentation for CERT_NONE, CERT_OPTIONAL, and CERT_REQUIRED were
misleading and partly wrong. It fails to explain that OpenSSL behaves
differently in client and server mode. Also OpenSSL does validate the
cert chain everytime. With SSL_VERIFY_NONE a validation error is not
fatal in client mode and does not request a client cert in server mode.
Also discourage people from using CERT_OPTIONAL in client mode.

1 parent 2023eaf

Files
Changes

Permalinks

3.6.4.rst

.. bpo: 0
.. date: 2017-12-18
.. no changes: True
.. nonce: qH8KPG
.. release date: 2017-12-18
.. section: Library

There were no new code changes in version 3.6.4 since v3.6.4rc1.

Showing with 0 additions and 0 deletions (0 / 0 diffs computed)

Computing file changes ...