On 21.03.2013 13:06, Christian Heimes wrote: > Hi, > > the message is slightly off-topic but it might be interesting for pip, > setuptools and other developers that are working on HTTPS for PyPI. > > I while ago I found C++ example code that shows how to dump CA and CRL > certs from Windows's system cert store. The system cert store contains > the certificates used by Windows, IE etc.
Why not simply use the Firefox certs ? We started adding these to our pyOpenSSL distribution with the last release: https://cms.egenix.com/products/python/pyOpenSSL/doc/#Module_OpenSSL.ca_bundle > Yesterday I reimplemented the C++ code with Python and ctypes. I have > tested it with Python 2.6 to 3.3 (x86 and x86_64) on Windows 7. It > should work with Windows XP / Windows Server 2003 and all newer versions > of Windows. The output is usabl by Python's SSL module but you have to > dump the certs to a file first. You can setup OpenSSL Contexts to validate based in-memory certificate as well: just add the certs one by one to the Context using the X509Store object you can obtain using context.get_cert_store(). > I'm planing to add the feature to Python 3.4, too. > http://bugs.python.org/issue17134 > > You can download the code from > > https://bitbucket.org/tiran/wincertstore I think this would be useful addition for pyOpenSSL as well - if it's possible to extract the Windows certificates without admin rights. -- Marc-Andre Lemburg eGenix.com Professional Python Services directly from the Source (#1, Mar 21 2013) >>> Python Projects, Consulting and Support ... http://www.egenix.com/ >>> mxODBC.Zope/Plone.Database.Adapter ... http://zope.egenix.com/ >>> mxODBC, mxDateTime, mxTextTools ... http://python.egenix.com/ ________________________________________________________________________ 2013-03-13: Released eGenix pyOpenSSL 0.13 ... http://egenix.com/go39 ::::: Try our mxODBC.Connect Python Database Interface for free ! :::::: eGenix.com Software, Skills and Services GmbH Pastor-Loeh-Str.48 D-40764 Langenfeld, Germany. CEO Dipl.-Math. Marc-Andre Lemburg Registered at Amtsgericht Duesseldorf: HRB 46611 http://www.egenix.com/company/contact/ _______________________________________________ Catalog-SIG mailing list [email protected] http://mail.python.org/mailman/listinfo/catalog-sig
