Skip to content

bpo-38470: Add hostname support to ssl.get_server_certificate. #16819

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
juhovh wants to merge 1 commit into from
Closed

bpo-38470: Add hostname support to ssl.get_server_certificate. #16819

juhovh wants to merge 1 commit into from

Conversation

@juhovh
Copy link
Contributor

@juhovh juhovh commented Oct 16, 2019
edited by bedevere-bot
Loading

Many servers in the cloud environment require SNI to be used during the
SSL/TLS handshake, therefore it is not possible to fetch their certificates
using the ssl.get_server_certificate interface.

This change adds an additional optional hostname argument that can be used to
set the SNI. Note that it is intentionally a separate argument instead of
using the host part of the addr tuple, because one might want to explicitly
fetch the default certificate or fetch a certificate from a specific IP
address with the specified SNI hostname. A separate argument also works better
for backwards compatibility.

https://bugs.python.org/issue38470

@juhovh
bpo-38470: Add hostname support to ssl.get_server_certificate.
5e81a2e 
Many servers in the cloud environment require SNI to be used during the
SSL/TLS handshake, therefore it is not possible to fetch their certificates
using the ssl.get_server_certificate interface.

This change adds an additional optional hostname argument that can be used to
set the SNI. Note that it is intentionally a separate argument instead of
using the host part of the addr tuple, because one might want to explicitly
fetch the default certificate or fetch a certificate from a specific IP
address with the specified SNI hostname. A separate argument also works better
for backwards compatibility.
@juhovh juhovh requested a review from tiran as a code owner October 16, 2019 09:00
@juhovh
Copy link
Contributor Author

juhovh commented Oct 16, 2019

Accidentally had invalid bpo issue name. 😓 Will close this and re-open a new one.

@juhovh juhovh closed this Oct 16, 2019
@juhovh juhovh deleted the fix-issue-36076 branch October 16, 2019 09:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tiran tiran Awaiting requested review from tiran

Assignees

No one assigned

Labels

awaiting review

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@juhovh @the-knights-who-say-ni @bedevere-bot