[issue40127] Documentation of SSL library

Change by Terry J. Reedy : -- versions: -Python 2.7, Python 3.5, Python 3.6 ___ Python tracker ___ ___ Python-bugs-list mailing lis

[issue40127] Documentation of SSL library

Christophe Nanteuil added the comment: I modified the PR according to the source code: "if all three are None and SSLContext.verify_mode is not set to CERT_NONE, this function uses the system's default CA certificates." The way the system is configured may depend on multiple parameters but I

[issue40127] Documentation of SSL library

Christophe Nanteuil added the comment: Thanks for clarifying the choice. I understand that we could state : " if cafile ... are None, the function falls back to user/system configuration (which is beyond this documentation)." -- ___ Python tracker

[issue40127] Documentation of SSL library

Christian Heimes added the comment: There are choices beyond our control. For example the operating system may not have a usable trust store. OpenSSL's builtin paths may not be correctly configured to locate the trust store. The user may have configured her/his environment to load other or n

[issue40127] Documentation of SSL library

Change by Christophe Nanteuil : -- keywords: +patch pull_requests: +18611 stage: -> patch review pull_request: https://github.com/python/cpython/pull/19253 ___ Python tracker

[issue40127] Documentation of SSL library

Change by Christophe Nanteuil : -- type: -> enhancement ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe: http

[issue40127] Documentation of SSL library

New submission from Christophe Nanteuil : For the ssl.create_default_context() function, it states that, "if cafile, capath and cadata are None, the function *can* choose to trust the system's default CA certificates instead". This statement is not clear as, if the values are None, there is no